Open derSchweiger opened 2 years ago
Please have a look at https://github.com/PowerShell/Win32-OpenSSH/issues/518
Thank you very much @bagajjal, this seems to be exactly our problem. Is there currently no solid solution for this behaviour? We are managing thousands of hosts with dozens of different domains. Therefore, it's unfortunately not an option for us to work with openSSH while using Basic authentication.
Have you considered using Kerberos/GSSAPI authentication and delegation instead of public key authentication?
Wouldn't GSSAPI delegation cause the required credential (Kerberos ticket) to be available at the other end?
OpenSSH for Windows version: 8.6 Server OperatingSystem: W2k16, W2k19, W2k22 Client OperatingSystem: W10Pro
What is failing We've configured openSSH for Windows and accessing it with public/private keys. To allow domain admins to join via SSH, we use the following config line:
AllowGroups "DOMAIN\Domain Admins"
It's possible to login and I'm able to invoke administrative commands but as soon as I'm trying to connect to the active directory domain or use Exchange Powershell cmdlets, I get the following error message:
If I login with domain username/password combination, it's working fine. So it seems like that it's not possible to run domain cmdlets if I'm using SSH key for authentication. Could that be true? Have I missed something?