Now that RFC 4462 has been published, I was wondering if there would be any interest in looking again at integrating the key exchange portions of my GSSAPI patch into the OpenSSH tree? As I've mentioned before, key exchange has significant benefits for large sites as it allows them to use Kerberos to authenticate ssh hosts, and removes the need to maintain and distribute ssh known_hosts files. Many vendors are already shipping patched versions of OpenSSH with GSSAPI key exchange support. Thanks, Simon.
On 5/6/06, Simon Wilkinson <sxw at inf.ed.ac.uk> wrote:> > Now that RFC 4462 has been published, I was wondering if there would be > any interest in looking again at integrating the key exchange portions of > my GSSAPI patch into the OpenSSH tree? > > As I've mentioned before, key exchange has significant benefits for large > sites as it allows them to use Kerberos to authenticate ssh hosts, and > removes the need to maintain and distribute ssh known_hosts files. Many > vendors are already shipping patched versions of OpenSSH with GSSAPI key > exchange support. >I know that it has a big interest where I work. I would be available to help test this under a couple of scenarios. -- Stephen J Smoogen. CSIRT/Linux System Administrator
Simon Wilkinson wrote:> Now that RFC 4462 has been published, I was wondering if there would be > any interest in looking again at integrating the key exchange portions of > my GSSAPI patch into the OpenSSH tree? > > As I've mentioned before, key exchange has significant benefits for large > sites as it allows them to use Kerberos to authenticate ssh hosts, and > removes the need to maintain and distribute ssh known_hosts files. Many > vendors are already shipping patched versions of OpenSSH with GSSAPI key > exchange support.Yes, we would also be very interested in having this in OpenSSH.> > Thanks, > > Simon. > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev > >-- Douglas E. Engert <DEEngert at anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444