[clug] Kerberos through an SSH tunnel
drose at dtlm.homelinux.net
Mon Mar 7 23:06:49 MST 2011
This is a bit of a lazy email; I've only done a little research on this,
except to verify that that naive implementation won't work:
Suppose Kerberos works fine for
http://server.example.com/path/script.cgi on a network.
ssh localhost -L4545:server.example.com:80
...it asks for credentials, but they are never acceptable! I didn't
really expect it to work I suppose.
I can (and I admit should) go trawling through the kerberos specs and
see if I can use tricky hostnames, and capture traffic on 88 to try and
see what's happening, so as a lurker who doesn't attend meetings I'm not
asking for anyone else to do any grunt work for me.
Instead, I'd just like to know if anyone's encountered this before and
already found or made a workaround, or if someone's spent ages on it
already and determined that it's entirely impractical to try.
More information about the linux