Help on kerberos passwordless login in ssh service

To: debian-user@lists.debian.org
Subject: Help on kerberos passwordless login in ssh service
From: Ding Honghui <hhding.gnu@gmail.com>
Date: Mon, 01 Dec 2008 14:49:49 +0800
Message-id: <[🔎] 4933890D.4020508@gmail.com>

Hello list,

My OS is Debian 4.0.
I install 3 server, 1 is kerberos server(krb), 1 is ssh client(sshc) and
1 is ssh server(sshs).
My kerberos server installed krb5-admin-server and krb5-kdc.
I has add a principal root and host/krbsshs.hz.vobile in kerberos server.
For ssh client and ssh server, I install krb5-user and krb5-config.

I would like to test if I can ssh from sshc to sshs passwordlessly.

I run kinit -f and klist, it seems ok.

But, when I ssh to sshs, it prompt me to input password, I input the
kerberos password, then I login to the server. That's not I wanted. How
should I config so that I can login to sshs from sshc without password.

krb
====

krb:~# kadmin.local
Authenticating as principal root/admin@HZ.VOBILE with password.
kadmin.local:  listprincs
K/M@HZ.VOBILE
host/krbsshs.hz.vobile@HZ.VOBILE
kadmin/admin@HZ.VOBILE
kadmin/changepw@HZ.VOBILE
kadmin/history@HZ.VOBILE
kadmin/krb.hz.vobile@HZ.VOBILE
krbtgt/HZ.VOBILE@HZ.VOBILE
root/admin@HZ.VOBILE
root@HZ.VOBILE
kadmin.local:  quit
krb:~#

sshc
====

Host *
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes

Regards,
Ding Honghui

Reply to:

Prev by Date: Re: obtaining linux-source or linux-image for 686 versions 2.6.19 - 2.6.23
Next by Date: Re: Does Pirated Windows Install on New Hard Drives?
Previous by thread: Re: obtaining linux-source or linux-image for 686 versions 2.6.19 - 2.6.23
Next by thread: Re: Does Pirated Windows Install on New Hard Drives?
Index(es):
- Date
- Thread