home.social

#gssapi — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gssapi, aggregated by home.social.

  1. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd

  2. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd

  3. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd

  4. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd

  5. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd

  6. Tech Help! 🆘

    I have a Synology NAS. And I want to use Kerberos on it for NFS.

    Is aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96 okay for DSM 7.1.1?

    I am getting
    gss_accept_sec_context(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - No key table entry

    Despite matching hosts, DNS, ptr, KVNO, principals.... Ugh..

    #linux #synology #nas #tech #help #network #kerberos #gssapi #freeipa