Kerberos Tickets

Posted On: March 6, 2016

When ssh-ing to athena from less automatically configured clients, you may need to supply Kerberos tickets in order to have access to your locker and other goodies. After struggling for some time, I founds its actually remarkably easy.

Step 1: Kerberos Tickets

  1. Install krb5-clients
  2. set the realm to be ATHENA.MIT.EDU
  3. install krb5-user
  4. running kinit <kerberos id> and entering your password should provide you with a ticket
  5. For automated things you may want a longer ticket life than the 10-hour default, theres an option for that

Step 2: SSH PublicKey

  1. ssh-keygen on client and follow directions
  2. copy your public key (and any others you want) and paste each on its own line in <locker>\Public\.ssh\athena_dialup_authorized_keys (you may have to generate the file)
  3. ensure athena_dialup_… is permissions 600 with chmod 600 athena_…
  4. ensure the .ssh directory is permissions 700 similarly

Step 3: SSH

  1. run ssh -K <kerberos id>
  2. pat yourself on the back

Leave a Reply

Your email address will not be published.