This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [ITP] heimdal (was: Cygwinports Heimdal for the distro?)
On Mon, 2012-03-19 at 09:35 +0100, Corinna Vinschen wrote:
> I already have a strange problem with the client. I enabled
> KerberosAuthentication and GSSAPIAuthentication on my Linux server,
> which has a /etc/krb5.conf file for authentication against my Windows
> domain (for Samba).
>
> Logging in with my Kerberos password is no problem, but that doesn't
> test the client at all, only the server. So I tried kinit and then ssh
> -K, which enables credential forwarding. IIUC that means the password I
> already entered via kinit should be forwarded to the server and I don't
> have to enter a password, just as when using pubkey authentication.
>
> However, that doesn't work at all. If I run ssh -Kvvv, I see an error
> message like this in the verbose output:
This combination (kinit name@HOST then ssh -K) worked for me when I
tested heimdal way back when. I'll have to figure out how to set up a
kerberos server so I can try it again (unless someone else has one we
can test with?).
Yaakov