is it possible to make an exception for Linux + GSSAPI?
For example, when on the server side after gss_accept_sec_context, we
know for sure that there is a client principal in src_name...
2023-02-02 9:45 GMT, David FORT via FreeRDP-devel
:
> Le 02/02/2023 à 07:18, Andrey Af via FreeRDP-devel a
Le 02/02/2023 à 07:18, Andrey Af via FreeRDP-devel a écrit :
Hi All,
Today I checked the version from master. I see a lot of work with
kerberos support.
I have a question - why does the client ask the password? I have a
principal ticket, this should be enough for kerberos authentication.
Client
Hi All,
Today I checked the version from master. I see a lot of work with
kerberos support.
I have a question - why does the client ask the password? I have a
principal ticket, this should be enough for kerberos authentication.
Client logs:
[DEBUG][com.freerdp.core.nego] -
Le 01/02/2023 à 09:44, Andrey Af via FreeRDP-devel a écrit :
Hi All!
I build a freerdp 2.8.1 with the flag WITH_GSSAPI=ON. And for the
freerdp-shadow, I made a keytab with the TERMSRV/hostname@REALM
principal. I use the environment variable KRB5_KTNAME. I run
freerdp-shadow-cli and I don't see
Hi Andrey,
kerberos authentication is not really working properly with FreeRDP 2.
There have been huge advancements on master regarding that though.
regards
Armin
On 01.02.23 09:44, Andrey Af via FreeRDP-devel wrote:
Hi All!
I build a freerdp 2.8.1 with the flag WITH_GSSAPI=ON. And for
Hi All!
I build a freerdp 2.8.1 with the flag WITH_GSSAPI=ON. And for the
freerdp-shadow, I made a keytab with the TERMSRV/hostname@REALM
principal. I use the environment variable KRB5_KTNAME. I run
freerdp-shadow-cli and I don't see gss_xxx in the logs. I can conclude
that the use of kerberos is