This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [ITP] heimdal
On Mar 20 15:54, Yaakov (Cygwin/X) wrote:
> On 2012-03-19 04:40, Corinna Vinschen wrote:
> >On Mar 19 04:24, Yaakov (Cygwin/X) wrote:
> >>This combination (kinit name@HOST then ssh -K) worked for me when I
> >>tested heimdal way back when. I'll have to figure out how to set up a
> >>kerberos server so I can try it again (unless someone else has one we
> >>can test with?).
> >
> >You could install the evaluation version of Windows Server 2008 R2 in
> >a virtual machine:
> >
> >http://technet.microsoft.com/en-us/evalcenter/dd459137.aspx
> >
> >and set it up as AD domain controller.
>
> I think I figured this out with heimdal itself. I turned off other
> auths besides GSSAPI in sshd_config as so:
Cool. So it does work. The problem is, I assume that most people
will try to use it against a Windows domain. We should at least
know how to do that to be able to create a FAQ for the required
settings. A quick search on the net shows a couple of "Heimdal and
Windows 2000" entries, but none of them I looked into gave a simple
receipt for the client side. It might have something to do with the
used hash algorithm.
> Then after (re)starting my krb5-enabled sshd, I did the following:
>
> ### should this be changed to /var/lib/heimdal ?
> $ mkdir /var/heimdal
Yes, /var/lib/heimdal sounds right.
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat