"Ryan B. Lynch" <[EMAIL PROTECTED]> writes: > Hi, > > I'm wondering if it's possible to get OpenSSH authenticating via Kerberos > WITHOUT using PAM. > > I was looking through the archives of the last couple months, specifically the > discussions on OpenSSH and krb5, but I couldn't find any references to > working setups that didn't use PAM. Google has a lot of information, but I > haven't found anything dealing with the PAM question specifically. The docs > are treating me similarly. >
This applies to OpenSSH 3.8.1p1: # cat /etc/ssh/sshd_config ... GSSAPIAuthentication yes GSSAPICleanupCredentials yes ... # cat /etc/ssh/ssh_config Protocol 2 GSSAPIAuthentication yes GSSAPIDelegateCredentials yes See sshd_config(5) and ssh_config(5). Additionaly You need a krb5.keytab entry for host/[EMAIL PROTECTED] at the host running sshd. Regards, Christian -- Christian Pfaffel <[EMAIL PROTECTED]> Technische Universit�t Graz Telefon: +43 / 316 / 873 - 81 90 Institut f�r Theoretische Physik Telefax: +43 / 316 / 873 - 86 78 Petersgasse 16, A-8010 Graz http://fubphpc.tu-graz.ac.at/~flash/pubkey.gpg ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
