X-Spam-Check-By: sourceware.org
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; 	charset="us-ascii"
Subject: FW: Windows Domain auth
Date: Tue, 7 Mar 2006 10:28:46 -0500
Message-ID: <6E1215499BA54D4AB408A1996513FC8FE6D2F1@hermes70.engr.nt.pitt.edu>
From: "Bromberger, Matt" <mbrom AT engr DOT pitt DOT edu>
To: <cygwin AT cygwin DOT com>
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id k27FQoEI016546

I know this question has been asked a million times, but I would lke to
know if the answer is still the same. 

I would like to set up sshd that can
use windows domain acounts for authentication rather than a local user
Database (passwd file) that needs to be maintained regularily. I'm
working with cygwin/openssh to figure out a secure FTP solution. As I
see it my options are to tunnel FTP which should leave the auth to the
domain as usual, even if it's just the control channel, or just connect
to the SSH server with SFTP clients if the auth can be against the
domain. It's not clear to me if either of these are possible, but it
seems like since cygwin supports GSSAPI and Kerberos it should be able
to use the domain accounts.

Can anyone verify if this can be done and if so, how?

Thank You,
Matt 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/