I've set up windows with the instructions given over here:


And all seems to be working fine. After I run klist I see valid tickets:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.


Aktuelle Anmelde-ID ist 0:0x153b25

Zwischengespeicherte Tickets: (1)

#0>     Client: fh @ REALM
        Server: krbtgt/REALM @ REALM
        KerbTicket (Verschl├╝sselungstyp): AES-256-CTS-HMAC-SHA1-96
        Ticketkennzeichen 0x40e10000 -> forwardable renewable initial
t name_canonicalize
        Startzeit: 1/4/2013 14:03:11 (lokal)
        Endzeit:   1/5/2013 14:03:11 (lokal)
        Erneuerungszeit: 1/11/2013 14:03:11 (lokal)
        Sitzungsschl├╝sseltyp: AES-256-CTS-HMAC-SHA1-96

I can do a passwordless login with the latest putty with kerberos
authentication,  I disabled password and key logins. And then on the host I
checked klist and got this:

[fh@test-server-ipa ~]$ klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_1554800011)

sudo also doesn't work. To test the setup I did the same from linux host
and login in, sudo, klist etc etc all work fine. So I checked the sshd -d
output difference and the only difference I see is:

-Postponed gssapi-with-mic for fh from port 50334 ssh2

-debug1: Received some client credentials

+Postponed gssapi-with-mic for fh from port 49168 ssh2

+debug1: Got no client credentials

Where .73 is the linux host and .56 is the windows host.

What am I missing here?


# Han
Freeipa-users mailing list

Reply via email to