[Samba] Kerberos S4U token with SAMBA4
Norbert Hanke
norbert.hanke at gmx.ch
Tue Jun 12 06:28:10 UTC 2018
Hi Taylor
That's not hard to explain:
The login to a local account is under the control of sshd, and if that
has enough privileges it works.
The login to a domain account is a kerberos login which requires either
Username and Password, or possibly PKINIT with a certificate. None of
them can work with just a public key.
Norbert
On 11.06.2018 15:56, Taylor Hammerling via samba wrote:
> does SAMBA4 support Kerberos S4U tokens?
>
> Background:
> I am trying to get OpenSSH for windows to work on machines joined to our
> SAMBA4 domain
> We are running Samba 4.7.3-Debian on Debian 9
>
> When attempting to SSH in to a windows client using public key credentials
> for a domain user it fails. When attempting to SSH into a windows client
> using public key credentials for a local user it works just fine
>
> I have been working with the OpenSSH team trying to figure out why this
> isn't working, see github issue below
>
> https://github.com/PowerShell/Win32-OpenSSH/issues/1177#issuecomment-394789906
>
> Thanks in advance for any assistance you can provide. :)
>
> Taylor
>
More information about the samba
mailing list