Hi list! I'm sure I'm not the only one with the following problem, and I'd like to know if/how someone else has solved it.
See, there are a lot of places where one would like to obtain a ticket non-interactively. Apart from such places as cron, where there's obviously no other choice than to store the key in a keytab, there is the problem with SSH public-key authentication. I'm thinking that it should somehow be possible to have the SSH client (which has access to the private key) decrypt a key for the server, which can then get a TGT with that key. Is that possible, or is there any other solution that I haven't thought of. Similarly, what about HTTPS connections where the client has a client certificate? Obviously, there *is* a private key involved, but is there any way the HTTP server can ask the client to decrypt a TGT key for it? Thank you for your attention! Fredrik Tolf ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
