SSH and Kerberos usage
Sandeep Umesh
sanumesh at in.ibm.com
Wed Oct 21 15:18:00 AEDT 2015
Hello
I am not sure if this has already been discussed over time, but I have a
situation where I am not able to ssh with kerberos principal name.
Here is the scenario -
currently I am using openSSH 6.0 version and I have set the following -
in sshd_config file -
KerberosAuthentication yes
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
in ssh_config file -
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
After I obtain the kerberos TGT using - kinit user_name and try to login
as ssh user_name at hostname, it works fine and I am able to login without a
password prompt .
However, if I try to login as ssh user_name at realm_name@hostname then I am
prompted for the password.
I think the principal name to local name conversation is not happening
properly which I am yet to verify. But is there any other solution
available for this?
Thanks
Regards
Sandeep
More information about the openssh-unix-dev
mailing list