search for: supported_authentications

....c Thu Sep 27 09:58:37 2001 @@ -1111,13 +1111,14 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, Key **keys, int nkeys) { + #ifdef KRB5 krb5_context context = NULL; krb5_auth_context auth_context = NULL; #endif int i, type; int payload_len; - + if (supported_authentications == 0) fatal("ssh_userauth1: server supports no auth methods"); @@ -1139,6 +1140,23 @@ goto success; if (type != SSH_SMSG_FAILURE) packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type); +#ifdef AFS + /* Try Kerberos v4 TGT passing if the serv...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

...dif /* AFS && KRB4 */ /* * Tries to authenticate with any string-based challenge/response system. @@ -1255,7 +1257,7 @@ krb5_free_context(context); #endif -#ifdef AFS +#if defined(AFS) && defined(KRB4) /* Try Kerberos v4 TGT passing if the server supports it. */ if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && options.kerberos_tgt_passing) { @@ -1270,7 +1272,7 @@ log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); send_afs_tokens(); } -#endif /* AFS */ +#endif /* AFS && KRB4 */ return; /...

...ity!"); + } + /* Compute and send a response to the challenge. */ respond_to_rsa_challenge(challenge, private->rsa); @@ -670,6 +675,7 @@ ssh_userauth1(const char *local_user, const char *serv Sensitive *sensitive) { int i, type; + AuthenticationConnection *auth = NULL; if (supported_authentications == 0) fatal("ssh_userauth1: server supports no auth methods"); @@ -715,14 +721,15 @@ ssh_userauth1(const char *local_user, const char *serv * agent is tried first because no passphrase is needed for * it, whereas identity files may require passphrases. */ - if (try_agent_a...