This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ITP] heimdal

On Mar 20 15:54, Yaakov (Cygwin/X) wrote:
> On 2012-03-19 04:40, Corinna Vinschen wrote:
> >On Mar 19 04:24, Yaakov (Cygwin/X) wrote:
> >>This combination (kinit name@HOST then ssh -K) worked for me when I
> >>tested heimdal way back when.  I'll have to figure out how to set up a
> >>kerberos server so I can try it again (unless someone else has one we
> >>can test with?).
> >
> >You could install the evaluation version of Windows Server 2008 R2 in
> >a virtual machine:
> >
> >
> >
> >and set it up as AD domain controller.
> I think I figured this out with heimdal itself.  I turned off other
> auths besides GSSAPI in sshd_config as so:

Cool.  So it does work.  The problem is, I assume that most people
will try to use it against a Windows domain.  We should at least
know how to do that to be able to create a FAQ for the required
settings.  A quick search on the net shows a couple of "Heimdal and
Windows 2000" entries, but none of them I looked into gave a simple
receipt for the client side.  It might have something to do with the
used hash algorithm.

> Then after (re)starting my krb5-enabled sshd, I did the following:
> ### should this be changed to /var/lib/heimdal ?
> $ mkdir /var/heimdal

Yes, /var/lib/heimdal sounds right.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]