https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926840#M739545 Hi,<BR />could you please update the thread. How are you getting on ? Were my suggestions of any use ?<BR /><BR />If the problem is resolved, could you please complete the thread by awarding points to helpful answers and summarising the solution for you.<BR />This will help resolution of similar problems in the future. Thu, 18 Jan 2007 10:27:32 GMT Peter Godron 2007-01-18T10:27:32Z https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926838#M739543 <BR />Hi All,<BR /><BR /><BR />We are currently using Secure Shell for external transactions such as sftp. We have not really implemented Secure Shell for internal use. <BR /><BR />The Secure Shell configuration is we are acting only as a ssh client. I think they're using Host-Based Authentication. <BR /><BR />We are planning to implement ssh on all our unix servers initially. And then integrate it with Kerberos for better security and single sign on. <BR /><BR />My queries are :<BR />1) Is it possible to implement ssh on all the unix servers for all their users in it, using Public-Key authentication, and bypass the current (in production) ssh configuration for a certain ordinary user? <BR />2) What are your comments on using Secure Shell and Kerberos Authentication? <BR /><BR /><BR />Many Thanks, <BR />Charlie <BR /><BR /> <BR /> <BR /> <BR /> <BR /> Tue, 16 Jan 2007 06:05:08 GMT https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926838#M739543 charlie_bulosan 2007-01-16T06:05:08Z https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926839#M739544 Charlie,<BR />The following threads should get you started:<BR /><A href="https://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=980805" target="_blank">https://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=980805</A><BR /><A href="http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1076369" target="_blank">http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1076369</A><BR /><BR />You probably already have a copy, but anyway:<BR /><A href="http://docs.hp.com/en/T1471-90014/index.html" target="_blank">http://docs.hp.com/en/T1471-90014/index.html</A><BR /><BR /> Tue, 16 Jan 2007 06:20:14 GMT https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926839#M739544 Peter Godron 2007-01-16T06:20:14Z https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926840#M739545 Hi,<BR />could you please update the thread. How are you getting on ? Were my suggestions of any use ?<BR /><BR />If the problem is resolved, could you please complete the thread by awarding points to helpful answers and summarising the solution for you.<BR />This will help resolution of similar problems in the future. Thu, 18 Jan 2007 10:27:32 GMT https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926840#M739545 Peter Godron 2007-01-18T10:27:32Z https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926841#M739546 Hi Peter,<BR /><BR />Thanks for the links provided as they are quite helpful.<BR /><BR />I've asked HP about item 1 and they said it is possible to bypass the current ssh config of the user. The user is using Host Based authentication.<BR /><BR />Many Thanks,<BR />Charlie Thu, 18 Jan 2007 11:32:32 GMT https://community.hpe.com/t5/operating-system-hp-ux/secure-shell-and-kerberos/m-p/3926841#M739546 charlie_bulosan 2007-01-18T11:32:32Z