dfs/dce and openssh
Perry Smith
pedz at easesoftware.com
Fri May 11 10:38:28 EST 2007
On May 10, 2007, at 6:53 PM, Simon Wilkinson wrote:
>
> On 10 May 2007, at 16:24, Perry Smith wrote:
>
>> I'm pretty sure that somehow Apple has managed to solve this
>> problem. They authenticate with Kerberos and I can log from system A
>> to system B using ssh. There may be two problems here...
>
> I think we're talking at cross purposes here
>
> 1) If you're connecting to a system using an RSA/DSA key, there's
> no way to use that RSA key to get Kerberos credentials
> 2) If you want to connect to a machine where the RSA public keys
> are in a .authorized_keys file in the Kerberized filesystem - you
> need that file to be readable by the sshd. This will let you log
> in, but still won't give you Kerberos credentials.
>
I am starting out from a system with Kerberos credientials. I don't
know what exactly that implies. Does that imply that I don't need
the RSA/DSA stuff at all and the Kerberos ticket is just passed?
More information about the openssh-unix-dev
mailing list