Note: this is probably irrelevant if you’re not at the University of Michigan. However, if you’re a Mac user there and tired of having to type in your password to ssh into the shell account servers, read on.
This is what I had to do to get passwordless ssh access working to the
U of M servers (e.g. login.engin.umich.edu
) from my machine, running
Mac OS X 10.8.2. The university doesn’t allow public-key-based ssh
access, so I had to set up Kerberos.
Get a copy of the
krb5.conf
file. You can find this at/etc/krb5.conf
on any of the Linux shell servers such aslogin.engin.umich.edu
. You’ll need to get it to your machine with scp/sftp/etc.Install it as
/Library/Preferences/edu.mit.Kerberos
. You’ll need root privileges to write to this directory, so:$ sudo cp /path/to/krb5.conf /Library/Preferences/edu.mit.Kerberos
Open up /Applications/Utilities/Keychain Access.
Go to its application menu and select Ticket Viewer.
Acquire a Kerberos ticket by choosing Ticket > Add Identity, giving
<uniqname>@UMICH.EDU
as your identity and your usual U of M password as your password.Set up ssh to use Kerberos authentication to U of M hosts, by adding something like the following to your
~/.ssh/config
:
1 2 3 4 5 6 |
|
You should now be able to ssh to a university machine without being prompted for a password.