[Samba] pam_winbind and krb5_auth
Hey list, I'm wondering if there is any advantage to be gained by using kerberos with pam_winbind. I've configured pam_winbind and enabled krb5_auth though apart from being granted a ticket, I'm unsure as to any advantage that would be gained by enabling Kerberos. Thanks, Matt Delves -- - Matthew Delves System Administrator Information Systems Networks Infrastructure University of Ballarat ph: 03 5327 9732 email: m.del...@ballarat.edu.au -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] pam_winbind and krb5_auth
If you configure SSH and NFS, you get passwords logins and mounts. I think mount.smb can use it as well as smbclient. I know that KDE auto logs me into Samba/WIndows file shares without a password just like Windows. If you have Kerberos websites, you can configure your browser to pass tickets and get single-signon. There are quiet a few things you can do. If you have to enter a password, there is usually a way to enable Kerberos for it. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Tue, Jun 8, 2010 at 9:17 PM, Matthew Delves m.del...@ballarat.edu.auwrote: Hey list, I'm wondering if there is any advantage to be gained by using kerberos with pam_winbind. I've configured pam_winbind and enabled krb5_auth though apart from being granted a ticket, I'm unsure as to any advantage that would be gained by enabling Kerberos. Thanks, Matt Delves -- - Matthew Delves System Administrator Information Systems Networks Infrastructure University of Ballarat ph: 03 5327 9732 email: m.del...@ballarat.edu.au -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] pam_winbind and krb5_auth
On 9/06/2010 at 1:22 pm, Robert LeBlanc rob...@leblancnet.us wrote: If you configure SSH and NFS, you get passwords logins and mounts. I think mount.smb can use it as well as smbclient. I know that KDE auto logs me into Samba/WIndows file shares without a password just like Windows. If you have Kerberos websites, you can configure your browser to pass tickets and get single-signon. There are quiet a few things you can do. If you have to enter a password, there is usually a way to enable Kerberos for it. Thanks for that explanation. That's more when using Linux as a workstation. I'm using Linux as a server and am wanting to use Kerberos authentication as a way of achieving SSO. Currently I have the linux server setup so that it retrieves a kerberos ticket when a user logs in via ssh, though when I tell PuTTY to authenticate using kerberos, it still asks for a password. Is there a way to track down just what is going on there? Thanks, Matt Delves. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] pam_winbind and krb5_auth
On Tue, Jun 8, 2010 at 10:48 PM, Matthew Delves m.del...@ballarat.edu.auwrote: On 9/06/2010 at 1:22 pm, Robert LeBlanc rob...@leblancnet.us wrote: If you configure SSH and NFS, you get passwords logins and mounts. I think mount.smb can use it as well as smbclient. I know that KDE auto logs me into Samba/WIndows file shares without a password just like Windows. If you have Kerberos websites, you can configure your browser to pass tickets and get single-signon. There are quiet a few things you can do. If you have to enter a password, there is usually a way to enable Kerberos for it. Thanks for that explanation. That's more when using Linux as a workstation. I'm using Linux as a server and am wanting to use Kerberos authentication as a way of achieving SSO. Currently I have the linux server setup so that it retrieves a kerberos ticket when a user logs in via ssh, though when I tell PuTTY to authenticate using kerberos, it still asks for a password. Is there a way to track down just what is going on there? It took me a long time to get Kerberos SSH working. My best friends were ssh - and running sshd in debug mode. It will take a while, but the passwordless login is very nice. I was able to do if from Mac and Linux, I think I got Putty working on one Window's machine, but it required a special version of Putty from what I remember. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba