Kerberos: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
|||
| Zeile 21: | Zeile 21: | ||
GSSAPITrustDNS yes | GSSAPITrustDNS yes | ||
</pre> | </pre> | ||
| + | |||
| + | *http://trabauer.com/?p=383 | ||
Version vom 8. September 2014, 15:42 Uhr
important
client and servers should have the correct time and should resolv A and PTR record on dns
ssh-server
modification /etc/ssh/sshd_config
# GSSAPI options GSSAPIAuthentication yes GSSAPICleanupCredentials yes GSSAPIKeyExchange yes GSSAPIStoreCredentialsOnRekey yes
generate a keytab-file
net ads keytab create -U administrator
ssh-client
modification /etc/ssh/ssh_config
GSSAPIAuthentication yes GSSAPIDelegateCredentials yes GSSAPIKeyExchange yes GSSAPIRenewalForcesRekey yes GSSAPITrustDNS yes