Kerberos 5 authentication paper
Just finished the first draft of my Using Kerberos 5 for Single Sign-On Authentication paper. Needs to be re-read and proofed and definitely needs some adding (i.e. adding Windows XP and Mac OS X clients, integrating with OpenLDAP, etc.). but for a starter, it’s pretty good (I needed it to document the setup and testing of kerberos for security update testing anyways). Not bad… only 2 days of work to get it all figured out and written, although I think the server-side stuff will be the easy part and integrating with OS X and XP may be more of a PITA.
flo
Hey, nice thing your Kerberos article, but i cannot get my ssh V2 working. I’ll try harder
Jul 21, 2005 @ 17:39:10Vincent Danen
I find looking at the ssh debug output (ie. ssh -vv localhost) works wonders and you can see at which point the authentication is going. I also found that it absolutely did not work unless you made the changes described to the ssh *client* as well as the server. I figured that part out after watching ssh -vv a few times and it dawned on me that it never even bothered trying the GSSAPI negotiation even though it was listed as a protocol to try.
Good luck!
Jul 21, 2005 @ 19:46:55