Greetings,
* Ken Hornstein via Kerberos (kerberos@mit.edu) wrote:
> >Has anyone else struggled with ssh clients being unable to delegate
> >As far as we can tell, for reasons we still have been unable to
> >fathom, Microsoft decided that simply permitting credential delegation
> >based on whether
>Has anyone else struggled with ssh clients being unable to delegate
>As far as we can tell, for reasons we still have been unable to
>fathom, Microsoft decided that simply permitting credential delegation
>based on whether the TGT has the forwardable flag set was
>insufficient. Instead, Microsoft
Has anyone else struggled with ssh clients being unable to delegate
Kerberos credentials to a remote host because the Kerberos library
that the ssh client uses implements the MS-SFU Kerberos Protocol
Extensions and therefore honors the TRUSTED_FOR_DELEGATION flag of the
target host?
More generally
