Displaying 20 results from an estimated 10000 matches similar to: "GSSAPI/Kerberos support in OpenSSH 3.1p1"
2001 Mar 20
1
Kerberos v5 and GSSAPI support in OpenSSH
An updated version of my patch for Kerberos v5 support is now available
from
http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch
This patch includes updated Kerberos v5 support for protocol version 1,
and also adds GSSAPI support for protocol version 2.
Unlike the Kerberos v5 code (which will still not interoperate with
ssh.com clients and servers), the GSSAPI support is based on
2003 Jun 27
3
Kerberos Support in OpenSSH
Dear Sir and Madam:
I'm writing to you on behalf of the MIT Kerberos team and several
other parties interested in the availability of Kerberos
authentication for the SSH protocol.
We recently noticed that the OpenSSH developers had added support for
the kerberos-2 at ssh.com user authentication mechanism. We are
delighted but we believe additional steps are necessary, as explained
2001 Feb 14
1
Kerberos/GSSAPI support
Hi,
Just wondering if anyone was looking at implementing
draft-ietf-secsh-gsskeyex-00 in OpenSSH?
My patches for SSH version 1 Kerberos 5 support (heavily based upon
work done by Dan Kouril) are now available from
http://www.sxw.org.uk/computing/patches/
Is there any interest in integrating these into the distribution? If so, I'd
be happy to update them to the development version.
Cheers,
2017 Jan 16
2
Question on Kerberos (GSSAPI) auth
I?m working on an implementation of ?gssapi-with-mic? authentication for my AsyncSSH package and trying to get it to interoperate with OpenSSH. I?ve gotten it working, but there seems to be a discrepancy between the OpenSSH implementation and RFC 4462. Specifically, RFC 4462 says the following in section 3.4:
Since the user authentication process by its nature authenticates
only the client,
2004 Jan 22
11
Pending OpenSSH release: contains Kerberos/GSSAPI changes
(I hope this message is appropriate for these lists. If not, please
tell me and I won't do it again.)
Hi All.
There will be a new release of OpenSSH in a couple of weeks. This
release contains Kerberos and GSSAPI related changes that we would like
to get some feedback about (and hopefully address any issues with)
before the release.
I encourage anyone with an interest in
2004 May 23
5
OpenSSH v3.8p1 fails to interoperate for GSSAPI (Kerberos) and X-Windows
Versions: openssh-3.8p1-33, heimdal-0.6.1rc3-51, XFree86-4.3.99.902-40,
tk-8.4.6-37, all from SuSE 9.1 (unhacked); back-version peers have
openssh-3.5p1, XFree86-4.3.0-115, etc. from SuSE 8.2.
Symptoms:
1. When the client and server versions are unequal, the Kerberos ticket
is not accepted for authentication. All the clients have
PreferredAuthentications gssapi-with-mic, gssapi, others.
2.
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm pleased to (finally) announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for
doing GSSAPI user authentication, this only allows the underlying
security mechanism to authenticate the user to the server, and
continues to use SSH host keys to authenticate the server to the
2017 Jan 17
2
Question on Kerberos (GSSAPI) auth
On Jan 17, 2017, at 9:57 AM, Douglas E Engert <deengert at gmail.com> wrote:
> On 1/16/2017 2:09 PM, Ron Frederick wrote:
>> I?m working on an implementation of ?gssapi-with-mic? authentication for my AsyncSSH package and trying to get it to interoperate with OpenSSH. I?ve gotten it working, but there seems to be a discrepancy between the OpenSSH implementation and RFC 4462.
2006 Aug 17
5
[Bug 1218] GSSAPI client code permits SPNEGO usage
http://bugzilla.mindrot.org/show_bug.cgi?id=1218
Summary: GSSAPI client code permits SPNEGO usage
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2001 Sep 27
3
Kerberos in OpenSsh 2.9.9p2
I note with interest that Kerberos support is now available (for the version
1 protocol, at least) in OpenSSH 2.9.9p2. However, it does not build with MIT
Kerberos, due to the usual Heimdal/MIT library differences. These look, by
and large, like the same problems I encountered when porting Dan Kouril's
patch to MIT Kerberos - so I'm having a go at fixing them (my GSSAPI patches
need
2002 Jun 27
0
GSSAPI patches for OpenSSH 3.4p1 now available
An updated version of my GSSAPI patches is now available for use with
OpenSSH 3.4p1. This version also includes support for running with privsep
enabled. The patches are available from
http://www.sxw.org.uk/computing/patches/openssh.html
These patches provide support for Kerberos and GSI authentication and
credential passing with version 2 of the SSH protocol. They implement
the protocol
2006 Aug 18
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 -------
There isn't an easy fix for this, at
2006 Sep 10
1
[Bug 1225] Tidy up GSSAPI code
http://bugzilla.mindrot.org/show_bug.cgi?id=1225
Summary: Tidy up GSSAPI code
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at sxw.org.uk
2002 May 27
0
GSSAPI patches for OpenSSH 3.2.3p1
The latest version of my patches providing GSSAPI support for OpenSSH
is available from http://www.sxw.org.uk/computing/patches/openssh.html
These patches provide support for authentication mechanisms such as
Kerberos and GSI with version 2 of the SSH protocol. They are
conditionally compliant with draft-ietf-secsh-gsskeyex-03.txt, with
the optional error message passing and host key validation
2006 Aug 18
1
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=928
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #2 from simon at sxw.org.uk 2006-08-19 08:31 -------
I'd rather see us move towards just using
2008 Mar 12
3
[Bug 1276] Link stage fails when gssapi exists
https://bugzilla.mindrot.org/show_bug.cgi?id=1276
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1233| |ok+
Flag| |
2005 Aug 26
3
[Bug 1066] off-by-one error with GSSAPI names
http://bugzilla.mindrot.org/show_bug.cgi?id=1066
Summary: off-by-one error with GSSAPI names
Product: Portable OpenSSH
Version: 4.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at
2001 May 21
1
Problems with Krb5/GSSAPI patches in FBSD 4.3
Hi,
I am trying to impliment OpenSSH v2.9p1 with the Krb5/GSSAPI patches at:
http://www.sxw.org.uk/computing/patches/openssh-2.9p1-gssapi.patch
On a FreeBSD 4.3-STABLE system (with both the integrated Heimdal libs and
the MIT Krb5 package from ports intstalled). I patched the src tree,
reconfigured, recompiled, installed, and it works - except for Krb5
passwords or Krb5 tickets. And I really
2010 Jan 11
4
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=928
--- Comment #9 from Darren Tucker <dtucker at zip.com.au> 2010-01-11 17:11:06 EST ---
Created an attachment (id=1775)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1775)
sshd-gssapi-multihomed.patch
I updated patch #1182 to OpenBSD current and fixed a few minor
whitespace
things. I also removed this warning from the man page:
2009 May 23
7
[Bug 1601] New: Memory leak caused by forwarded GSSAPI credential store
https://bugzilla.mindrot.org/show_bug.cgi?id=1601
Summary: Memory leak caused by forwarded GSSAPI credential
store
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at