Kerberised ssh

Avoiding entering passwords when using ssh between servers is convenient.
Up to know I've user ssh-keygen to set this up, but once Kerberos is configured on client and server it's even easier.
It does require Kerberos aware ssh/sshd.

Just add the following to your ssh destination box (server in my case)

In your home directory create a file called ".k5login". It doesn't need to be secret but should be writable only by you, default permissions of 644 are fine.
It should contain the principals that you trust (ie allow to connect without further authentication).
In my case it contains just one line
kim@DFUSION.COM.AU


Now you should be able to ssh to your destination box without further passwords from client in which you are already Kerberos authorised.


The original document is available at http://dfusion.com.au/wiki/tiki-index.php?page=Kerberised+ssh