Sshd and domain authentication
Corinna Vinschen
vinschen at redhat.com
Wed May 21 04:23:42 EST 2003
On Tue, May 20, 2003 at 01:01:05PM -0500, Douglas E. Engert wrote:
>
>
> "Lee-Lun, Michael [IT]" wrote:
> >
> > Is there a way to run sshd on a windows 2000 server and have ssh clients
> > authenticate to it using domain level authentication?
>
> Almost. Windows 2000 uses Kerberos for authentication, and the SSPI which
> is an early version of the Kerberos GSSAPI. It uses the same protocol as
> the Kerberos GSSAPI. So if the ssh client and server use the GSSAPI then
> you are close.
>
> You still need a server for Windows. There may be one out there.
You can do this with a Cygwin sshd. But it needs a well maintained
/etc/passwd and /etc/group files containing the domain accounts which
are allowed to login.
Corinna
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com
More information about the openssh-unix-dev
mailing list