Sshd and domain authentication

Corinna Vinschen vinschen at redhat.com
Wed May 21 04:23:42 EST 2003


On Tue, May 20, 2003 at 01:01:05PM -0500, Douglas E. Engert wrote:
> 
> 
> "Lee-Lun, Michael [IT]" wrote:
> > 
> > Is there a way to run sshd on a windows 2000 server and have ssh clients
> > authenticate to it using domain level authentication?
> 
> Almost. Windows 2000 uses Kerberos for authentication, and the SSPI which 
> is an early version of the Kerberos GSSAPI. It uses the same protocol as 
> the Kerberos GSSAPI. So if the ssh client and server use the GSSAPI then 
> you are close. 
> 
> You still need a server for Windows. There may be one out there. 

You can do this with a Cygwin sshd.  But it needs a well maintained
/etc/passwd and /etc/group files containing the domain accounts which
are allowed to login.

Corinna

-- 
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com




More information about the openssh-unix-dev mailing list