...
You can test whether WSL is installed by opening 'Windows PowerShell' and typing wsl.
Connect to the destination utilising the Kerberos ticket:
...
Kerberos configuration
The following is required in /etc/krb5.conf inside your WSL distro for ssh to work with Kerberos:
| Code Block |
|---|
[libdefaults]
default_realm = AGRESEARCH.CO.NZ
dns_canonicalize_hostname = false
dns_lookup_kdc = true
dns_lookup_realm = true
forwardable = true
rdns = false
[realms]
AGRESEARCH.CO.NZ = {
admin_server = c-adc-pv01.agresearch.co.nz:749
admin_server = c-adc-pv02.agresearch.co.nz:749
kdc = c-adc-pv01.agresearch.co.nz:88
kdc = c-adc-pv02.agresearch.co.nz:88
}
[domain_realm]
.agresearch.co.nz = AGRESEARCH.CO.NZ
.eri.agresearch.co.nz = IAM.FLEXI.NESI.ORG.NZ
agresearch.co.nz = AGRESEARCH.CO.NZ
eri.agresearch.co.nz = IAM.FLEXI.NESI.ORG.NZ
[appdefaults]
pam = {
debug = false
krb4_convert = false
renew_lifetime = 36000
ticket_lifetime = 36000
} |
ssh configuration
The following in ~/.ssh/config means less has to be specified on the command line:
| Code Block |
|---|
Host login-0 login-0.eri.agresearch.co.nz HostName login-0.eri.agresearch.co.nz User guestsi@agresearch.co.nz # really, use your own here GSSAPIAuthentication yes |
Get a Kerberos ticket
In case klist shows no tickets:
| Code Block |
|---|
kinit |
Connect to the destination utilising the Kerberos ticket:
Requires the above ssh configuration for this brief command to work:
ssh login-0