Secure Shell
Re: openssh + kerberos + windows ad Jan 04 2010 06:17PM
Marcello Mezzanotti (marcello mezzanotti gmail com) (1 replies)
Re: openssh + kerberos + windows ad Jan 04 2010 11:18PM
Bob Rasmussen (ras anzio com) (1 replies)
Re: openssh + kerberos + windows ad Jan 06 2010 01:05PM
Marcello Mezzanotti (marcello mezzanotti gmail com) (1 replies)
Re: openssh + kerberos + windows ad Jan 06 2010 02:30PM
Bob Rasmussen (ras anzio com) (2 replies)
On Wed, 6 Jan 2010, Marcello Mezzanotti wrote:

> Bob,
>
> What exactly you want to know? :)

1) What version(s) of PuTTY work in your environment? Did you try the
developer's build from the official PuTTY site?

2) Did you have to create a keytab file on the AD server, and transfer it
to the SSH server? How exactly did you do this?

3) Did you find online documents that were especially helpful? What were
they?

Thanks.

>
>
>
> On Mon, Jan 4, 2010 at 9:18 PM, Bob Rasmussen <ras (at) anzio (dot) com [email concealed]> wrote:
> > I am attempting the same thing myself, almost. Please provide as many
> > details as you can.
> >
> > My AD server is a 2008 Server box, my client is a Windows 2000 box, trying
> > to use Windows PuTTY to log in to a Linux box that is running OpenSSH.
> >
> > I also am running WireShark (formerly Ethereal) to monitor the network, so
> > I can see Kerberos transactions - those that work and those that fail.
> >
> > The PuTTY I am trying is, I think, an unreleased version from the official
> > website. It has calls to GSSAPI.
> >
> > At this point I get messages about an illegal flag being set. I see these
> > in WireShark.
> >
> > I'd appreciate any help.
> >
> > On Mon, 4 Jan 2010, Marcello Mezzanotti wrote:
> >
> >> I just did :)
> >>
> >> the problem was the keytab, i created using linux command "net ads
> >> keytab create",
> >>
> >> i tested both linux ssh client and putty
> >> (PuTTY-0.58-GSSAPI-2005-07-24, i tested with another patched putty
> >> client, worked, but it didnt created/forwared my ticket) and all
> >> worked fine.
> >>
> >> Is "Kerberos for Windows" necessary for Windows/Putty?
> >>
> >> Thank you all for help.
> >>
> >> Thank you,
> >> Marcello
> >>
> >> --
> >> Marcello Mezzanotti <marcello.mezzanotti (at) gmail (dot) com [email concealed]>
> >> http://blogdomarcello.wordpress.com
> >> Information Security
> >> UNIX / Linux / *BSD
> >>
> >>
> >
> > Regards,
> > ....Bob Rasmussen,   President,   Rasmussen Software, Inc.
> >
> > personal e-mail: ras (at) anzio (dot) com [email concealed]
> >  company e-mail: rsi (at) anzio (dot) com [email concealed]
> >          voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
> >            fax: (US) 503-624-0760
> >            web: http://www.anzio.com
> >  street address: Rasmussen Software, Inc.
> >                 10240 SW Nimbus, Suite L9
> >                 Portland, OR  97223  USA
> >
>
>
>
> --
> Marcello Mezzanotti <marcello.mezzanotti (at) gmail (dot) com [email concealed]>
> http://blogdomarcello.wordpress.com
> Information Security
> UNIX / Linux / *BSD
>
>

Regards,
....Bob Rasmussen, President, Rasmussen Software, Inc.

personal e-mail: ras (at) anzio (dot) com [email concealed]
company e-mail: rsi (at) anzio (dot) com [email concealed]
voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
fax: (US) 503-624-0760
web: http://www.anzio.com
street address: Rasmussen Software, Inc.
10240 SW Nimbus, Suite L9
Portland, OR 97223 USA

[ reply ]
Re: openssh + kerberos + windows ad Jan 28 2010 02:52PM
Jackson (jakrainer yahoo com)
Re: openssh + kerberos + windows ad Jan 06 2010 06:27PM
Marcello Mezzanotti (marcello mezzanotti gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus