Displaying 20 results from an estimated 1000 matches similar to: "what's the deal with openssh-3.0p1 and kerberos5?"
2001 Nov 06
13
OpenSSH 3.0
OpenSSH 3.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
This release contains many portability bug-fixes (listed in the
ChangeLog) as well as several new features (listed below).
We would like to thank the
2003 May 16
2
OpenSSH and KerbV
Is something special required for KerbV auth to work? I've enabled:
KerberosAuthentication yes
on some test boxes and it doesn't work. I do a kinit, and then ssh
and it asks for a password. If you don't provide one, you don't get
in.
2001 Jul 24
1
OpenSSH 2.9p2+Kerberos5 on RH7.1 fails
I've been installing OpenSSH 2.9p2 onto several RedHat Linux machines,
after compiling in the GSSAPI/Kerberos5 patch from here:
http://www.sxw.org.uk/computing/patches/openssh.html
I've been using ssh both to let users in via passwords and Kerberos
tickets, and both have been working fine...
except for one irritating machine, which (for no good reason I can see)
fails when using kerberos
2001 Feb 15
1
Kerb5 Support?
Hey, I just subscribed to this list, so apologies in advance if
this has been asked already (although I haven't found mention in the
archives after a cursory search).
I notice that there's no Kerb5 support in 2.3.0p1. Is anyone
working on getting support in there for v1 and v2 connections, or is this
something I'm going to have to do myself?
Also, I've just
2003 May 28
2
SSH1 security with Kerb5
Hi,
I am trying to decide if it is worth the time to test the Kerberos support in a port I am working on of Openssh 3.5p1.
Does using Kerb5 with SSH1 solve the security problems inherent in protocol 1 and bring it up to par with the security level of SSH2 or are there other issues that Kerb5 authentication won't help for SSH1?
Thanks,
Greg Lambert
---------------------------------
Do
2006 Jun 11
2
Kerberos5 / Heimdal
I have FreeBSD-6.1 and it appears the default installation has a full
complement of Kerberos5. But, /usr/src/kerberos5/README states:
This subtree is world-exportable, as it does not contain any
cryptographic code.
At the time of writing, it did not even contain source code, only
Makefiles and headers.
Please maintain this "exportable" status quo.
Thanks!
2002 Jun 26
2
Using Kerberos5 in 3.3p1
Hello all,
I'm not able to get Kerberos5 authenticarion work together with PrivSep.
According to strace, it seems that the kerberos authentication stage is
performed by the user process in chrooted enviroment. The problem is that
Kerberos authentication must be done by root. Is anybody working on a fix?
(or am I missing something in configuration?)
Thanks for any advice.
--
Dan
2005 Sep 05
3
[Bug 1078] passing --without-kerberos5 still checks for some kerberos support
http://bugzilla.mindrot.org/show_bug.cgi?id=1078
Summary: passing --without-kerberos5 still checks for some
kerberos support
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Documentation
AssignedTo:
2004 Feb 09
4
Some GSSAPI/Kerberos Questions
After reading some more from the archives, a private email, and some
general research, I see that KerbV support has been dropped in favor
of GSSAPI.
Which is fine, and wonderful, I support GSSAPI.
But, erm, the announcement says, "This release contains some GSSAPI
user authentication support to replace legacy KerberosV authentication
support. At present this code is still considered
2004 Jan 12
0
samba3.0.1/win2000ad/kerberos5: user cannot logon
Hi everyone!
I've googled alot for this, and found *some* people with similar
questions, but there was no answer if this is a bug in samba, a
misconfiguration, or what?
I have a win2000 active directory Server (wurzel.baum.local), a samba
2.2.3a on debian stable/woody (stamm.baum.local), security = user, a
samba 3.0.1 on debian testing/Sarge (blatt1.baum.local) and a windowsxp
machine joined
2011 Apr 22
0
Kerberos5 packages not needed anymore?
Hi all,
I have a debian linux lenny 5.0 server with samba (version 3.2.5-4lenny14)
on it. I want to create a cifs share which uses Active Directory
authentication.
In all howto's i read that i need kerberos5 to do this, so I installed
krb5-user, krb5-config and libkrb53. I edited /etc/krb5.conf to my domain
etc.
Everything works like it should.
BUT i noticed a file in
2004 Jan 15
1
kerberos5 authentication of ssh connections
Hello freebsd-security!
What is the best way to authenticate remote ssh users transparantly
without typing the kinit and kdestroy commands?
Using pam_krb5 works satisfactorily for local logins but makes it
crooked for remote ssh ones. The comp.protocols.kerberos and
comp.security.ssh newsgroups and the pam-krb5-users maillist confirm this
assertion.
As far as I understood that using kerberized
2004 May 22
3
kerberos5 / gssapi support in mount.cifs?
Hi,
allow me another question. Is it planned or already implemented to support
gssapi with mount.cifs?
Regards,
Timo
2002 May 17
1
OpenSSH 3.2.2 supports kerberos5 but....
I can't seem to login with only a TGS? (i.e. no password)
Do I need another patch to have that part work? Password auth seems to
be working against the KDC just fine.
TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try to run away from it. If you do
2008 Sep 03
1
Dovecot 1.1.3 Kerberos5 GSSAPI bug (with patch)
The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line
103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the
declaration for getenv(). Otherwise, the compiler uses the implicit return type
(int), which truncates the 8-byte pointer getenv() returns to a 4-byte value.
This causes a segfault on subsequent reads. Here is debugger output
illustrating the
2009 Mar 25
2
help on kerberos5
Dear All,
this i feel is a little out of topic but really apprecite if someone can help
i am tryin to authenicate my Centos 5.2 box to windows 2003 ADS server ..
but am not able to do so .
i get the following error when i run kinit
kinit(v5): Improper format of Kerberos configuration file while
initializing Kerberos 5 library
i have the following packages installed on my linux box
[root at
2010 Oct 28
1
Kerberos5 ticket renewal & 'net ads join' w/o authentication
Hello,
I have two issues with Kerberos administration using Samba and this
results from my lack of familiarity with it. I am hoping someone can
point me in the right direction.
The first issue is with automatically renewing the Kerberos tickets. The
second issue deals with my having to authenticate each time I attempt to
join an AD domain. The Samba documentation indicates that I should *not*
2004 Apr 05
5
[Bug 568] Kerberos password auth/expiry kbdint patch
http://bugzilla.mindrot.org/show_bug.cgi?id=568
------- Additional Comments From michael.houle at atcoitek.com 2004-04-06 06:04 -------
Can someone please enlighten me on whether this kind of code is going
to be included in the main development ? I thought this would be handled
automatically by the krb5 libraries, so I was suprised to find that password
changing doesn't work in the SSH
2001 Apr 16
1
openssh-2.3.0p1, Krb5 and rdist
Krb5-authentication and Kerb5-TGT-passing is working well with
openssh-2.3.0p1.
Question: Is there a solution using rdist -P "/usr/local/bin/ssh" without the
need for RhostRSAAuthentication, RSAAuthentication or using the Kerberos
r-command set?
The objective is to do away with ".rhosts/.shost" and private-key
authentication when Kerberos authentication is already in
2001 Nov 12
2
problem with make on solaris 8 and openssh 3.0p1
Hi.
After I've run the configure (./configure --prefix=/usr/local
--without-rsh --disable-suid-ssh --sysconfdir=/usr/local/etc
--with-ssl-dir=/usr/local/ssl --with-tcp-wrappers) and want to run the
make (make -d -d) script, I get this error msg:
Finished prerequisites of target file `inet_aton.o'.
Must remake target `inet_aton.o'.
make[1]: Entering directory