Re: Kerberos 5 authentication without password?
Darren Tucker wrote:[color=blue]
> Jeff Blaine wrote:[color=green]
>> First a question whose answer may negate the rest of the
>> Q: Is it possible to configure OpenSSH to allow a user
>> coming from host X, with a valid TGT there, to login
>> without being asked for a password... without using
>> SSH's public key crypto for that password-less auth?[/color]
>> GSSAPIAuthentication yes
>> GSSAPIKeyExchange yes
>> GSSAPICleanupCredentials yes[/color]
> Have you enabled GSSAPIAuthentication (and maybe
> GSSAPIDelegateCredentals and PreferredAuthentications) in the client?
> The former two default to "no" and the latter's default does not have
Thanks, Darren. Do you know if there is any reason why
ssh_config does not list (commented out) all of the
defaults in order to give the installer a list of
toggleable items? (like sshd_config already has,
That solved the problem though.