Hello there, Quest provides a PUTTY version with GSSAPI enabled: http://rc.quest.com/topics/putty/ It works fine. Regards, Jackson --- Em qua, 6/1/10, Bob Rasmussen <ras@xxxxxxxxx> escreveu: > De: Bob Rasmussen <ras@xxxxxxxxx> > Assunto: Re: openssh + kerberos + windows ad > Para: "Marcello Mezzanotti" <marcello.mezzanotti@xxxxxxxxx> > Cc: kerberos@xxxxxxx, secureshell@xxxxxxxxxxxxxxxxx, secureshell-return-10634@xxxxxxxxxxxxxxxxx > Data: Quarta-feira, 6 de Janeiro de 2010, 6:30 > On Wed, 6 Jan 2010, Marcello > Mezzanotti wrote: > > > Bob, > > > > What exactly you want to know? :) > > 1) What version(s) of PuTTY work in your environment? Did > you try the > developer's build from the official PuTTY site? > > 2) Did you have to create a keytab file on the AD server, > and transfer it > to the SSH server? How exactly did you do this? > > 3) Did you find online documents that were especially > helpful? What were > they? > > Thanks. > > > > > > > > > On Mon, Jan 4, 2010 at 9:18 PM, Bob Rasmussen <ras@xxxxxxxxx> > wrote: > > > I am attempting the same thing myself, almost. > Please provide as many > > > details as you can. > > > > > > My AD server is a 2008 Server box, my client is a > Windows 2000 box, trying > > > to use Windows PuTTY to log in to a Linux box > that is running OpenSSH. > > > > > > I also am running WireShark (formerly Ethereal) > to monitor the network, so > > > I can see Kerberos transactions - those that work > and those that fail. > > > > > > The PuTTY I am trying is, I think, an unreleased > version from the official > > > website. It has calls to GSSAPI. > > > > > > At this point I get messages about an illegal > flag being set. I see these > > > in WireShark. > > > > > > I'd appreciate any help. > > > > > > On Mon, 4 Jan 2010, Marcello Mezzanotti wrote: > > > > > >> I just did :) > > >> > > >> the problem was the keytab, i created using > linux command "net ads > > >> keytab create", > > >> > > >> i tested both linux ssh client and putty > > >> (PuTTY-0.58-GSSAPI-2005-07-24, i tested with > another patched putty > > >> client, worked, but it didnt created/forwared > my ticket) and all > > >> worked fine. > > >> > > >> Is "Kerberos for Windows" necessary for > Windows/Putty? > > >> > > >> Thank you all for help. > > >> > > >> Thank you, > > >> Marcello > > >> > > >> -- > > >> Marcello Mezzanotti <marcello.mezzanotti@xxxxxxxxx> > > >> http://blogdomarcello.wordpress.com > > >> Information Security > > >> UNIX / Linux / *BSD > > >> > > >> > > > > > > Regards, > > > ....Bob Rasmussen, President, Rasmussen > Software, Inc. > > > > > > personal e-mail: ras@xxxxxxxxx > > > company e-mail: rsi@xxxxxxxxx > > > voice: (US) 503-624-0360 (9:00-6:00 > Pacific Time) > > > fax: (US) 503-624-0760 > > > web: http://www.anzio.com > > > street address: Rasmussen Software, Inc. > > > 10240 SW Nimbus, Suite > L9 > > > Portland, OR 97223 > USA > > > > > > > > > > > -- > > Marcello Mezzanotti <marcello.mezzanotti@xxxxxxxxx> > > http://blogdomarcello.wordpress.com > > Information Security > > UNIX / Linux / *BSD > > > > > > Regards, > ....Bob > Rasmussen, President, Rasmussen > Software, Inc. > > personal e-mail: ras@xxxxxxxxx > company e-mail: rsi@xxxxxxxxx > voice: (US) 503-624-0360 > (9:00-6:00 Pacific Time) > fax: (US) > 503-624-0760 > web: http://www.anzio.com > street address: Rasmussen Software, Inc. > > 10240 SW Nimbus, Suite L9 > > Portland, OR 97223 USA ____________________________________________________________________________________ Veja quais são os assuntos do momento no Yahoo! +Buscados http://br.maisbuscados.yahoo.com
