You are here

Kerberos for Cygwin

Printer-friendly versionPrinter-friendly version

Kerberos support exists for Cygwin, but might not be in the standard package set installed by default. To install and use Kerberos for use with ssh in Cygwin:

Installation

  1. Start the Cygwin setup.exe program
  2. Select the following two packages for installation:
    'Net' category:
        krb5-workstation: Kerberos reference implementation clients
        openssh: Secure shell server and client programs
    
  3. Complete the installation.

Configuration

For seamless operation, both Kerberos and ssh now need to be configured:

  1. Start a Cygwin bash shell
  2. Create the file /etc/krb5.conf and populate it as follows:
    [libdefaults]
        default_realm = INF.ED.AC.UK
        forwardable = true
    
  3. Create the file .ssh/config in your home directory and populate it as follows:
    Host *.inf.ed.ac.uk
        User <yourusername>
        GSSAPIAuthentication yes
        GSSAPIDelegateCredentials yes
    

    where <yourusername> is your DICE username.

Usage

Before making your first ssh connection in any Cygwin session, you need to authenticate to the Informatics Kerberos service. In a Cygwin bash shell, type:

kinit <yourusername>

You will be prompted to enter your Informatics password. After you have successfully authenticated, you will have acquired a Kerberos ticket-granting ticket and you should now be able to ssh to Informatics machines without having to specify your username or password.

Last reviewed: 
18/10/2017

System Status

Home dirs (AFS)
Network
Mail
Other services
Scheduled downtime

Choose a topic