...
You can test whether WSL is installed by opening 'Windows PowerShell' and typing wsl.
Connect to the destination utilising the Kerberos ticket:
...
Kerberos configuration
The following is required in /etc/krb5.conf inside your WSL distro for ssh to work with Kerberos:
| Code Block |
|---|
[libdefaults]
default_realm = AGRESEARCH.CO.NZ
dns_lookup_realm = true
dns_lookup_kdc = true
forwardable = true
[realms]
IAM.FLEXI.NESI.ORG.NZ = {
dns_canonicalize_hostname = false
rdns = false
}
[domain_realm]
agresearch.co.nz = AGRESEARCH.CO.NZ
.agresearch.co.nz = AGRESEARCH.CO.NZ
.eri.agresearch.co.nz = IAM.FLEXI.NESI.ORG.NZ
eri.agresearch.co.nz = IAM.FLEXI.NESI.ORG.NZ
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
krb4_convert = false
} |
ssh configuration
The following in ~/.ssh/config means less has to be specified on the command line:
| Code Block |
|---|
Host login-0 login-0.eri.agresearch.co.nz HostName login-0.eri.agresearch.co.nz User <USERID>@agresearch.co.nz # eg blogsj@agresearch.co.nz GSSAPIAuthentication yes |
Get a Kerberos ticket
In case klist shows no tickets:
| Code Block |
|---|
kinit |
Connect to the destination utilising the Kerberos ticket:
Requires the above ssh configuration for this brief command to work:
ssh login-0