similar to: OpenSSH and Heimdal KRB5

http://bugzilla.mindrot.org/show_bug.cgi?id=456 Summary: Krb5 ticket forwarding is tryied even if krb5 authentication failed Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=455 Summary: Krb5 ticket forwarding is tryied even if krb5 authentication failed Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=456 ------- Additional Comments From kouril at ics.muni.cz 2002-12-13 20:34 ------- Created an attachment (id=185) --> (http://bugzilla.mindrot.org/attachment.cgi?id=185&action=view) Don't delegate/accept delegated ticket if krb5 authentication hasn't been done ------- You are receiving this mail because: ------- You are the

Some people on the OpenSSH list have expressed an interest in Kerberos version 5 support. Below is a (non-US) URL recently posted for a patch to OpenSSH to work with Heimdal, the international K5 implementation. I haven't checked to see if the patch would work with MIT or MIT-derived K5 libraries. -- Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National Lab See

On Sun, 2023-03-19 at 09:29 +0200, Alexander Bokovoy via samba- technical wrote: > Hi, > > > I would be against a blended build against both MIT Kerberos and > Heimdal > Kerberos in a distribution. It is not going to bring you anything > good, > support wise. > > Andreas and I have submitted a talk to SambaXP about MIT > Kerberos/Heimdal Kerberos-based Samba AD

Dear All, Would like some know the answer on the above question. What is the different between compiling using internal heimdal library vs mit-krb5. I'm on gentoo and thus like other distro having issue on the system-wide mit-krb and removing it is not that convenient (But still possible) I've try to compile samba 4.1.2 with internal heimdal library to work as a Domain controller But

Hi! I already asked a similar question before, but it keeps popping up in different contexts and forms, and the more I use samba myself, the more often it comes to me too, especially in context of using various security tokens for auth. And the more I think about all this, the more sane it looks to me. The thing is: mit-krb5 has much better user-level support than heimdal. But samba does not

http://bugzilla.mindrot.org/show_bug.cgi?id=635 ------- Additional Comments From mmokrejs at natur.cuni.cz 2003-10-17 21:13 ------- Please commit the patch http://bugzilla.mindrot.org/attachment.cgi?id=396&action=view and close this bug. KRB5 does not work, but I don't care anymore as there's krb4 patch from ftp://ftp.mcc.ac.uk/pub/misc/ssh/ . :) Thanks! ------- You are

Hi all, It looks like a bug for me, but I'd like to ask if someone has the same problem. We are using OpenSSH 4.3p2 from Debian 4.0 (stable), but the same problem is with original OpenSSH 4.3p2. When root logins with his kerberos ticket and then logout, his ticket remains on the machine. I found in source (sshd.c) in privsep_postauth function, that if root logins then use_privsep is set to 0

Hello, My first problem is compilation against Heimdal. It does not work because of the following: /products/source/heimdal/heimdal-0.5.1/i386_linux24/lib/roken/../../../lib/r oken/getprogname.c(.text+0xc): multiple definition of `get_progname' openbsd-compat//libopenbsd-compat.a(bsd-misc.o)(.text+0x0):/usr1/ahaupt/open ssh-3.6.1p1/openbsd-compat/bsd-misc.c: first defined here /usr/bin/ld:

Patch allowing drivers in DomU to restore address bars if needed. Signed-off-by: xhejtman@ics.muni.cz -- Lukáš Hejtmánek _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hello, I've run into some issues building Samba 4.20.2 due to problems concerning Heimdal. First, I am unable to build with the embed Heimdal due to a variety of errors during compilation of the embedded heimdal. As result, I built a "system" heimdal using the current master branch of heimdal from GitHub. Then I tried to build Samba again using the --with-system-heimdalkrb5, but it

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:08.heimdal Security Advisory The FreeBSD Project Topic: heimdal cross-realm trust vulnerability Category: core Module: crypto_heimdal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:08.heimdal Security Advisory The FreeBSD Project Topic: heimdal cross-realm trust vulnerability Category: core Module: crypto_heimdal

Trying to follow Chapter 9.3.3 of S3BE to create a SuSE 8.2 Active Directory domain member server. 9.3.3 says heimdal >= .6 is required. I installed the Sernet packages and saw 0.6.2 source is included. Running ./configure after unpacking the heimdal source completes OK, but running make results in the following errors: creating libss.la /usr/bin/sed: can't read

On Mon, Oct 24, 2005 at 03:35:41PM -0400, William Jojo wrote: > > Has anyone been able to get Heimdal 0.7.1 with Samba 3.0.20b to compile successfully without commenting out the __cplusplus stuff in include/includes.h? If I comment it out, it's fine on FC3. The Heimdal people are using "private" as a structure member name, so I know it's a Heimdal problem :-). I think you

On Mon, 2023-03-20 at 10:39 +0200, Alexander Bokovoy wrote: > Indeed. For the record, current set of tests not supported by > > --with-system-mitkrb5 build: > > > > ---------------------------------------- > > $ cat selftest/skip_mit_kdc > > # We do not support RODC yet > > .*rodc > > .*RODC > > ^samba4.ntvfs.cifs.ntlm.base.unlink >

On Fri, Jul 22, 2016 at 02:54:05PM +0200, Stefan Schäfer wrote: > Hi List, > > I do my best to ask my question in english. ;-) > > Samba4 integrated heimdal kerberos to do the kerberos work for > Active Directory. Some Linux Distributions like fedora/RedHat and > openSUSE/SUSE don't accept heimdal even if it is shipped inside > samba. > > Their argument is that

Since the number of responses to my query was large, Roger has asked me to summarise the information. The summary is listed below Thanks to all the people who bothered to help me out: Alan Mead <adm@ipat.com> Beattie, Jay <JBeattie@accdir.com> Bruce Elrick <bruce.elrick@saltus.ab.ca> Christian Hammers <ch@lathspell.westend.com> David J. M. Karlsen