You are here

Kerberos for Cygwin

Printer-friendly versionPrinter-friendly version

Kerberos support exists for Cygwin, but might not be in the standard package set installed by default. To install and use Kerberos for use with ssh in Cygwin:

Installation

  1. Start the Cygwin setup.exe program
  2. Select the following two packages for installation:
    'Net' category:
        krb5-workstation: Kerberos reference implementation clients
        openssh: Secure shell server and client programs
    
  3. Complete the installation.

Configuration

For seamless operation, both Kerberos and ssh now need to be configured:

  1. Start a Cygwin bash shell
  2. Create the file /etc/krb5.conf and populate it as follows:
    [libdefaults]
        default_realm = INF.ED.AC.UK
        forwardable = true
    
  3. Create the file .ssh/config in your home directory and populate it as follows:
    Host *.inf.ed.ac.uk
        User <yourusername>
        GSSAPIAuthentication yes
        GSSAPIDelegateCredentials yes
    

    where <yourusername> is your DICE username.

Usage

Before making your first ssh connection in any Cygwin session, you need to authenticate to the Informatics Kerberos service. In a Cygwin bash shell, type:

kinit <yourusername>

You will be prompted to enter your Informatics password. After you have successfully authenticated, you will have acquired a Kerberos ticket-granting ticket and you should now be able to ssh to Informatics machines without having to specify your username or password.

Last reviewed: 
18/10/2017

System Status

Home dirs (AFS)
Network
Mail
Other services
Scheduled downtime

Because of the cooling failure in Appleton Tower server room on Saturday morning, many services (including some AFS volumes) are still unavailable. All services should be working by Monday lunchtime.

Choose a topic