FreeBSD 上使用Kerberos 5认证

　　使用Kerberos认证的ssh

　　修改测试A，B，C的sshd 配置文件。

　　# Kerberos options
KerberosAuthentication yes
KerberosOrLocalPasswd yes


　　然后重启sshd

　　Test2#kill –HUP 80

　　开始从test1登陆到test2，因为只有ssh1支持Kerberos，所以使用ssh1连接同时开启debug信息。

　　test1# ssh -1v the9@test2.the9.com
OpenSSH_3.6.1p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090703f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to test2.the9.com [192.168.0.3] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 FreeBSD-20030924
debug1: match: OpenSSH_3.5p1 FreeBSD-20030924 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.6.1p1 FreeBSD-20030924
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'test2.the9.com' is known and matches the RSA1 host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying Kerberos v5 authentication.
debug1: Kerberos v5 authentication accepted.
debug1: Requesting pty.
debug1: Requesting shell.
debug1: Entering interactive session.
Last login: Fri Jun 11 16:31:14 2004 from test1.the9.com
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.9-RELEASE (GENERIC) #0: Mon Oct 27 17:51:09 GMT 2003
FreeBSD/i386 (test2.the9.com) (ttyp1)
//登陆欢迎词
%id
uid=1001(the9) gid=0(wheel) groups=0(wheel)
% //好了成功了