Skip to content

Invoke-Command with Kerberos authentication #18462

Answered by jborean93
pavel-calin asked this question in Q&A
Discussion options

You must be logged in to vote

It's certainly possible but just not simple. There are two ways you can do this:

  • Configure ssh/config

Add the following to your ~/.ssh/config file

Host hostpattern
    GSSAPIAuthentication yes

Where hostpattern is a pattern for the hostname(s) you wish to use GSSAPI/Kerberos auth with. For example I have Host *.domain.test to enable GSSAPI for any host in the .domain.test domain.

  • Override ssh binary used to include the -K argument
# Use .bat file for Windows here
$script = Set-Content ./my_ssh -Value @'
#!/usr/bin/env bash

ssh -K "$@"
'@
chmod +x ./my_ssh

$ExecutionContext.InvokeCommand.PostCommandLookupAction = {
    param ($Command, $EA)

    if ($Command -eq 'ssh') {
        $EA.…

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@pavel-calin
Comment options

Answer selected by pavel-calin
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants