User Tools
sspi_gssapi_аутентификация_для_сервиса_sshd
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
sspi_gssapi_аутентификация_для_сервиса_sshd [2009/04/08 17:32] val |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== SSPI/GSSAPI аутентификация для сервиса sshd ====== | ||
| - | |||
| - | ===== Регистрация сервиса ssh в AD ===== | ||
| - | |||
| - | Добавляем пользователя в AD | ||
| - | <code> | ||
| - | Login: gXhost | ||
| - | Password: Pa$$w0rd | ||
| - | </code> | ||
| - | Пароль не меняется и не устаревает | ||
| - | |||
| - | ===== Копирования ключа KERBEROS AD на сервер ssh ===== | ||
| - | <code> | ||
| - | C:\>ktpass -princ host/gX.adX.class@ADX.CLASS -mapuser gXhost -pass 'A!S@d3f4' -out gXhost.keytab | ||
| - | |||
| - | C:\> pscp gXhost.keytab student@gX: | ||
| - | |||
| - | g13# ktutil copy ~student/g13host.keytab /etc/krb5.keytab | ||
| - | |||
| - | g13# ktutil list | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка сервиса sshd на использование GSSAPI ===== | ||
| - | <code> | ||
| - | g13# cat /etc/ssh/sshd_config | ||
| - | ... | ||
| - | GSSAPIAuthentication yes | ||
| - | ... | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка GSSAPI клиента (putty) ===== | ||
| - | <code> | ||
| - | Hostname: uX@gX.adX.class | ||
| - | SSH->Auth-Attempt GSSAPI... | ||
| - | </code> | ||
sspi_gssapi_аутентификация_для_сервиса_sshd.1239197567.txt.gz · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
