similar to: [Bug 1245] Add support for Darwin CCAPI

http://bugzilla.mindrot.org/show_bug.cgi?id=1245 Summary: Add support for Darwin CCAPI Product: Portable OpenSSH Version: -current Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Kerberos support AssignedTo: bitbucket at mindrot.org ReportedBy: simon at

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm pleased to (finally) announce the availability of my GSSAPI Key Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for doing GSSAPI user authentication, this only allows the underlying security mechanism to authenticate the user to the server, and continues to use SSH host keys to authenticate the server to the

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

I note with interest that Kerberos support is now available (for the version 1 protocol, at least) in OpenSSH 2.9.9p2. However, it does not build with MIT Kerberos, due to the usual Heimdal/MIT library differences. These look, by and large, like the same problems I encountered when porting Dan Kouril's patch to MIT Kerberos - so I'm having a go at fixing them (my GSSAPI patches need

https://bugzilla.mindrot.org/show_bug.cgi?id=1276 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1233| |ok+ Flag| |

https://bugzilla.mindrot.org/show_bug.cgi?id=1601 Summary: Memory leak caused by forwarded GSSAPI credential store Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at

http://bugzilla.mindrot.org/show_bug.cgi?id=1312 Summary: Add short command-line option -K for activating GSSAPIDelegateCredentials Product: Portable OpenSSH Version: 4.4p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Kerberos support

Hi, I'm pleased to be able to announce the availability of my GSSAPI Key Exchange patch for OpenSSH 4.4p1. This patch adds RFC4462 compatibility to OpenSSH, along with adding additional GSSAPI support that is yet to make it into the main tree. The patch implements: *) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key exchange mechanisms. This can be enabled through the

Hi, I'm pleased to announce the availability of my GSSAPI Key Exchange patch for OpenSSH 4.6p1. This patch adds support for the RFC4462 GSSAPI key exchange mechanisms to OpenSSH, along with some minor fixes for the GSSAPI code that is already in the tree. The patch implements: *) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key exchange mechanisms. (#1242) *)

Somewhat belatedly, I'm pleased to announce the availability of my GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay in getting these out, a honeymoon, followed by the pressure of work, made the first half of this year rather busy! Whilst OpenSSH contains support for GSSAPI user authentication, this still relies upon SSH host keys to authenticate the server to the

From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.

https://bugzilla.mindrot.org/show_bug.cgi?id=928 --- Comment #9 from Darren Tucker <dtucker at zip.com.au> 2010-01-11 17:11:06 EST --- Created an attachment (id=1775) --> (https://bugzilla.mindrot.org/attachment.cgi?id=1775) sshd-gssapi-multihomed.patch I updated patch #1182 to OpenBSD current and fixed a few minor whitespace things. I also removed this warning from the man page:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's that time again! There's been another OpenSSH release, and once again, I'm pleased to announce the availability of my GSSAPI Key Exchange patch for it. Whilst OpenSSH contains support for GSSAPI user authentication, this still relies upon SSH host keys to authenticate the server to the user. For sites with a deployed Kerberos

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

Hi, Just wondering if anyone was looking at implementing draft-ietf-secsh-gsskeyex-00 in OpenSSH? My patches for SSH version 1 Kerberos 5 support (heavily based upon work done by Dan Kouril) are now available from http://www.sxw.org.uk/computing/patches/ Is there any interest in integrating these into the distribution? If so, I'd be happy to update them to the development version. Cheers,

Hi, I am trying to impliment OpenSSH v2.9p1 with the Krb5/GSSAPI patches at: http://www.sxw.org.uk/computing/patches/openssh-2.9p1-gssapi.patch On a FreeBSD 4.3-STABLE system (with both the integrated Heimdal libs and the MIT Krb5 package from ports intstalled). I patched the src tree, reconfigured, recompiled, installed, and it works - except for Krb5 passwords or Krb5 tickets. And I really

Is there a ./configure argument to turn off gssapi authentication for openssh-2.5.2p2? Best Herman -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010713/fd511d47/attachment.html

i've compiled openssh with the gssapi patches on a solaris 8 system using sun's SEAM. gssapi isn't initializing properly it seems. debug2: input_userauth_request: try method gssapi debug1: Mechanism negotiation is not supported Failed gssapi for xxxx from xxxx port 33555 ssh2 sun's kerberized tools are working fine. any help would be appreciated. -- http://chemlab.org -

Now that RFC 4462 has been published, I was wondering if there would be any interest in looking again at integrating the key exchange portions of my GSSAPI patch into the OpenSSH tree? As I've mentioned before, key exchange has significant benefits for large sites as it allows them to use Kerberos to authenticate ssh hosts, and removes the need to maintain and distribute ssh known_hosts