- Kerberos {en}
- Home Directory
- Linux {en}
- Scanning {en}
- Software
- Mathematica {en}
- Subversion {en}
- Virtualization {en}
- VPN BFH ITS VPN
- Mail Clients
- Thunderbird {en}
Sidebar
bfh:wiki-legacy:en:kerberos:ssh
Table of Contents
SSH
OpenSSH
The following command enables Authentication using GSSAPI:
ssh -l BFHusername -o GSSAPIAuthentication=yes catbert.bfh.ch
Your home directory won't be mounted unless you delagate your credentials:
ssh -l BFHusername -o GSSAPIAuthentication=yes -o GSSAPIDelegateCredentials=yes catbert.bfh.ch
One might argue that this isn't much more convenient than typing its own password… Well, just add the following lines to your SSH configuration in ~/.ssh/config:
Host catbert Hostname catbert.bfh.ch User BFHusername GSSAPIAuthentication yes GSSAPIDelegateCredentials yes
These options are enabled by default on our PXE-based Linux setup at the TI Biel/Bienne site. You can connect to catbert by simply typing
ssh catbert
It's possible to use wildcards like
Host *.bfh.ch
in the SSH configuration - use them at your own risk.
PuTTY
Requirements
- You have to install Kerberos for Windows as described on the Kerberos main page, otherwise your credentials won't be delegated, which is needed to mount your home directory.
- Download (and install) the latest development snapshot from the PuTTY download page.
Configuration
Enable the options
- Attempt GSSAPI authentication (SSH-2 only)
- Allow GSSAPI credential delegation
and make sure that UTF-8 is selected as character set:
Enter BFHusername@catbert.bfh.ch1) under Host Name and save your session settings.
Click Open to connect to (y)our favorite SSH login server!
1)
username@hostname.bfh.ch in general.bfh/wiki-legacy/en/kerberos/ssh.txt · Last modified: 2015/11/13 15:20 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
