...
Assuming that your machine has recent versions of SSH and Kerberos and you will not be using a Cryptocard, download Fermilab's official Kerberos configuration file. You will need root permissions to execute the following command which backs up your current configuration and replaces it with the new one
Download the file.
| No Format |
|---|
cd /etc cp krb5.conf krb5.conf.bkp wget http://security.fnal.gov/krb5.conf |
Set the environment variable KRB5_CONFIG to point to the Fermilab configuration file.
| No Format |
|---|
export KRB5_CONFIG=`pwd`/krb5.conf
|
This variable can be added to your shell profile or setup in a script and the configuration file it points to will override the one in /etc.
Logging In
Logging in to a Fermilab gateway machine should now work provided that Kerberos has been configured correctly.
Initialize the Kerberos session.
| No Format |
|---|
kinit -f USERNAMEUSERNAME@FNAL.GOV |
Now ssh to a gateway machine at Fermilab.
...