[GRLUG] PuTTY, GSSAPI, Linux and Active Directory

Michael Mol mikemol at gmail.com
Thu Jun 14 16:03:45 EDT 2012


Has anyone here ever gotten PuTTY to authenticate to a Linux box using
GSSAPI in an Active Directory scenario?

Less concise, more obvious:

1) Active Directory is a trust-based authentication system. You can
have accounts on a Linux box auth using AD credentials using Samba.

2) GSSAPI is one of the standard network protocol authentication
mechanisms that exist. OpenSSH supports it, as does Windows.

3) PuTTY is an SSH client and terminal emulator for Windows, and has
support for GSSAPI.

Given that I'm logged into a Windows session using domain credentials,
and given that I'm using PuTTY to connect to a Linux system which is
on the domain, and given that OpenSSH, PuTTY and Windows all support
GSSAPI, I'd PuTTY/GSSAPI to use my Windows credential ticket to
connect to the Linux system. This would be pretty much equivalent to
using pagent, except I'm using my Windows login session for auth
instead of crypto keys.

-- 
:wq


More information about the grlug mailing list