Displaying 20 results from an estimated 5000 matches similar to: "[Bug 1218] GSSAPI client code permits SPNEGO usage"
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm pleased to (finally) announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for
doing GSSAPI user authentication, this only allows the underlying
security mechanism to authenticate the user to the server, and
continues to use SSH host keys to authenticate the server to the
2006 Oct 02
0
GSSAPI Key Exchange for 4.4p1
Hi,
I'm pleased to be able to announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.4p1.
This patch adds RFC4462 compatibility to OpenSSH, along with adding
additional GSSAPI support that is yet to make it into the main tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. This can be enabled through the
2007 Mar 12
0
GSSAPI Key Exchange Patch for OpenSSH 4.6p1
Hi,
I'm pleased to announce the availability of my GSSAPI Key Exchange
patch for OpenSSH 4.6p1.
This patch adds support for the RFC4462 GSSAPI key exchange
mechanisms to OpenSSH, along with some minor fixes for the GSSAPI
code that is already in the tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. (#1242)
*)
2009 Jul 26
0
GSSAPI Key Exchange Patch for OpenSSH 5.2p1
Somewhat belatedly, I'm pleased to announce the availability of my
GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay
in getting these out, a honeymoon, followed by the pressure of work,
made the first half of this year rather busy!
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
2010 Jan 24
0
GSSAPI Key Exchange Patch for OpenSSH 5.3p1
From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.
2008 Apr 04
0
GSSAPI Key Exchange Patch for OpenSSH 5.0p1 (plus an added extra)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's that time again! There's been another OpenSSH release, and once
again, I'm pleased to announce the availability of my GSSAPI Key
Exchange patch for it.
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
user. For sites with a deployed Kerberos
2006 Aug 18
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 -------
There isn't an easy fix for this, at
2008 Mar 12
3
[Bug 1276] Link stage fails when gssapi exists
https://bugzilla.mindrot.org/show_bug.cgi?id=1276
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1233| |ok+
Flag| |
2009 May 23
7
[Bug 1601] New: Memory leak caused by forwarded GSSAPI credential store
https://bugzilla.mindrot.org/show_bug.cgi?id=1601
Summary: Memory leak caused by forwarded GSSAPI credential
store
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2001 Feb 14
1
Kerberos/GSSAPI support
Hi,
Just wondering if anyone was looking at implementing
draft-ietf-secsh-gsskeyex-00 in OpenSSH?
My patches for SSH version 1 Kerberos 5 support (heavily based upon
work done by Dan Kouril) are now available from
http://www.sxw.org.uk/computing/patches/
Is there any interest in integrating these into the distribution? If so, I'd
be happy to update them to the development version.
Cheers,
2001 May 21
1
Problems with Krb5/GSSAPI patches in FBSD 4.3
Hi,
I am trying to impliment OpenSSH v2.9p1 with the Krb5/GSSAPI patches at:
http://www.sxw.org.uk/computing/patches/openssh-2.9p1-gssapi.patch
On a FreeBSD 4.3-STABLE system (with both the integrated Heimdal libs and
the MIT Krb5 package from ports intstalled). I patched the src tree,
reconfigured, recompiled, installed, and it works - except for Krb5
passwords or Krb5 tickets. And I really
2007 Nov 15
3
GSSAPI Key Exchange Patch
Will Simon Wilkinson's GSSAPI Key Exchange patch ever be incorporated into
the OpenSSH source?
http://www.sxw.org.uk/computing/patches/openssh.html
I'm sure I'm not the only one that uses it and would like to see it become
part of the OpenSSH source. Is there something missing or is there some
technical/philosophical reason for not including it?
2001 Jul 13
2
--without-gssapi ?
Is there a ./configure argument to turn off gssapi authentication for
openssh-2.5.2p2?
Best
Herman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010713/fd511d47/attachment.html
2001 Dec 05
1
gssapi + seam on solaris
i've compiled openssh with the gssapi patches on a solaris 8 system
using sun's SEAM. gssapi isn't initializing properly it seems.
debug2: input_userauth_request: try method gssapi
debug1: Mechanism negotiation is not supported
Failed gssapi for xxxx from xxxx port 33555 ssh2
sun's kerberized tools are working fine.
any help would be appreciated.
--
http://chemlab.org -
2006 Jul 25
2
[Bug 1100] GSSAPI-with-mic doesn't handle empty usernames
http://bugzilla.mindrot.org/show_bug.cgi?id=1100
jbasney at ncsa.uiuc.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jbasney at ncsa.uiuc.edu
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching
2010 Jan 11
4
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=928
--- Comment #9 from Darren Tucker <dtucker at zip.com.au> 2010-01-11 17:11:06 EST ---
Created an attachment (id=1775)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1775)
sshd-gssapi-multihomed.patch
I updated patch #1182 to OpenBSD current and fixed a few minor
whitespace
things. I also removed this warning from the man page:
2006 Aug 18
1
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=928
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #2 from simon at sxw.org.uk 2006-08-19 08:31 -------
I'd rather see us move towards just using
2003 May 01
1
GSSAPI patches
I'm please to announce that patches for GSSAPI support in 3.6.1p2 are
now available from
http://www.sxw.org.uk/computing/patches/openssh.html
These bring the patch set up to conditional compliance with version 6
of the GSSAPI draft, and fix a couple of long standing encoding bugs
pointed out by other implementors.
Cheers,
Simon.
-------------- next part --------------
A non-text attachment
2003 Jul 28
1
SSH2 GSSAPI/KerberosV.
Hi,
I've just set up OpenSSH to authenticate through Kerberos tickets. I
spent a whole while figuring out I couldn't use SSH2 before stumbling
across the information somewhere. First of all: is it possible this
could be made very noticable in the sshd_config file?
Secondly, is there any chance that SSH2 /will/ become supported in the
future? There are already patches at
2006 Aug 19
2
[Bug 1220] Fix error messages for multiple mechanism GSSAPI libraries
http://bugzilla.mindrot.org/show_bug.cgi?id=1220
Summary: Fix error messages for multiple mechanism GSSAPI
libraries
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: