We are in the corporate windows AD network, When we try to execute the below SSH command in CMD, it works fine,
ssh -o GSSAPIAuthentication=yes userid@servermachine.xyz.com
We have tried to run the above command for the other colleagues using the RunAs option in CMD, and it still works.
But We have the Java web application with Waffle SSO authentication, using Waffle impersonation, We are calling the batch file which consists of steps involving SSH/SCP using windows API CreateProcessAsUser.
Java application is running as Windows Service in order to impersonate the user and create a new user in the logged-in user context.
When I logged into the Java application and tried to run a Batch script, it works fine. SSH and SCP worked perfectly!
But when the other users try to log in and execute the batch script using the createProcessAsUser function. SSH and SCP failed. Facing the below issue
Note: I have RDP access to the remote machine where the Java application runs and my user profile is loaded into the machine. I have generated SSH private/public keys and registered them in respective systems. To test the GSSAPI/Kerberos Authentication, I have removed the key pairs and renamed ~user/ssh to ~user/ssh1. Still, it works fine. Irrespective of RDP access and SSH key, Kerberos/GSSAPI works perfectly using CMD. But it fails for other users when they access it from a Java application.
sshd_config:
Any pointers or suggestions would be grateful!
