[当我使用推荐的rdesktop连接到从Archlinux看到的Windows EC2主机时:
$ rdesktop 54.254.180.73
ATTENTION! The server uses and invalid security certificate which can not be trusted for
the following identified reasons(s);
1. Certificate issuer is not trusted by this system.
Issuer: CN=EC2AMAZ-I5MV8JK
Review the following certificate info before you trust it to be added as an exception.
If you do not trust the certificate the connection atempt will be aborted:
Subject: CN=EC2AMAZ-I5MV8JK
Issuer: CN=EC2AMAZ-I5MV8JK
Valid From: Thu Mar 5 16:06:01 2020
To: Fri Sep 4 16:06:01 2020
Certificate fingerprints:
sha1: 98f1e92f9b9a3b57f4b2a23177f1bbe1a9afeb2c
sha256: 8e9f1a2e5497c972b56b8300f6e2ec3f59c8903103984cb5456a237c9a7b2d45
Do you trust this certificate (yes/no)? yes
Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
Failed to connect, CredSSP required by server (check if server has disabled old TLS versions, if yes use -V option).
我不确定从这里要去哪里。特别是在rdesktop似乎没有保持的情况下。
是否有连接Windows主机的提示?
使用kerberos门票
在域中,您可以像这样从服务器请求kerberos票证:
kinit <user>
(这意味着您的/etc/krb5.conf配置为使用域)您可以使用
来验证票证klist
应该会产生类似的结果
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: <user>@<Kerberos DOMAIN>
Valid starting Expires Service principal
09-07-19 10:37:55 09-07-19 20:37:55 krbtgt/<domain>@<domain>
renew until 10-07-19 10:37:49
然后,您仍然可以在使用此命令打开NLA的情况下连接到服务器
rdesktop -u <user> -d <domain> <IP-or-resolvable-hostname>