Displaying 20 results from an estimated 10000 matches similar to: "Kerberos Support in OpenSSH"
2001 Mar 20
1
Kerberos v5 and GSSAPI support in OpenSSH
An updated version of my patch for Kerberos v5 support is now available
from
http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch
This patch includes updated Kerberos v5 support for protocol version 1,
and also adds GSSAPI support for protocol version 2.
Unlike the Kerberos v5 code (which will still not interoperate with
ssh.com clients and servers), the GSSAPI support is based on
2003 Aug 22
1
gss userauth (fwd)
what about this? can we do about this if
we break the protocol?
-------------- next part --------------
An embedded message was scrubbed...
From: Love <lha at stacken.kth.se>
Subject: gss userauth
Date: Fri, 22 Aug 2003 16:06:27 +0200
Size: 2878
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030822/f7bb85a0/attachment.mht
2002 Mar 21
1
GSSAPI/Kerberos support in OpenSSH 3.1p1
I've now completed updating my patches for GSSAPI in protocol v2 to
OpenSSH 3.1p1
See http://www.sxw.org.uk/computing/patches/openssh.html
As previously, you will need to apply the protocol v1 krb5 patch
before the GSSAPI one, and run autoreconf from an autoconf later
than 2.52
There are a number of improvements and minor bug fixes over previous
patches. However, due to protocol changes this
2004 May 23
5
OpenSSH v3.8p1 fails to interoperate for GSSAPI (Kerberos) and X-Windows
Versions: openssh-3.8p1-33, heimdal-0.6.1rc3-51, XFree86-4.3.99.902-40,
tk-8.4.6-37, all from SuSE 9.1 (unhacked); back-version peers have
openssh-3.5p1, XFree86-4.3.0-115, etc. from SuSE 8.2.
Symptoms:
1. When the client and server versions are unequal, the Kerberos ticket
is not accepted for authentication. All the clients have
PreferredAuthentications gssapi-with-mic, gssapi, others.
2.
2005 Oct 10
0
[Bug 1100] GSSAPI-with-mic doesn't handle empty usernames
http://bugzilla.mindrot.org/show_bug.cgi?id=1100
Summary: GSSAPI-with-mic doesn't handle empty usernames
Product: Portable OpenSSH
Version: 4.2p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2004 Mar 01
1
GSSAPI support in 3.8 ?
Hi All,
>From Changelog with 3.8:
"The experimental "gssapi" support has been replaced with the
"gssapi-with-mic" to fix possible MITM attacks.The two versions are not
compatible."
I am using OpenSSH-3.6 with Simon's patch and OpenSSH-3.7 built with GSSAPI
support. The latest version OpenSSH-3.8 is not working with 3.6 or 3.7 with
GSSAPI authentication. I
2002 Jun 27
0
GSSAPI patches for OpenSSH 3.4p1 now available
An updated version of my GSSAPI patches is now available for use with
OpenSSH 3.4p1. This version also includes support for running with privsep
enabled. The patches are available from
http://www.sxw.org.uk/computing/patches/openssh.html
These patches provide support for Kerberos and GSI authentication and
credential passing with version 2 of the SSH protocol. They implement
the protocol
2002 May 27
0
GSSAPI patches for OpenSSH 3.2.3p1
The latest version of my patches providing GSSAPI support for OpenSSH
is available from http://www.sxw.org.uk/computing/patches/openssh.html
These patches provide support for authentication mechanisms such as
Kerberos and GSI with version 2 of the SSH protocol. They are
conditionally compliant with draft-ietf-secsh-gsskeyex-03.txt, with
the optional error message passing and host key validation
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2014 May 25
2
Samba 4 / Kerberos / ssh
I try to get Samba 4 with ssh running.
I found in the Script from Matthieu Patou tot he sysvol sync the follwing intresting line.
---
kinit -k -t /etc/krb5.keytab `hostname -s | tr "[:lower:]" "[:upper:]"`\$
rsync -X -u -a $dc_account_name\$@${dc}.${domain}:$SYSVOL $STAGING
---
when i understand correct he uses the domain controller service principle to connect to the
2013 Nov 20
1
Samba4 and GSSAPI based authentication for OpenSSH
I seem to be having the same issue as
https://lists.samba.org/archive/samba/2012-December/170426.html. I
don't see that he ever reached a solution.
Nov 20 16:02:58 appdb01-qa sshd[31622]: debug1: Unspecified GSS
failure. Minor code may provide more information\nNo key table entry
found matching host/appdb01-qa.mediture.dom@\n
Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1:
2005 Nov 03
2
Question about GSSAPI with OpenSSH 4.2p1
Hey all, perhaps someone might be able to shed a little light on this
problem. Nothing I find in books and groups seem to address the
problem. I'm trying to set up a series of connections with ssh that
authenticate through GSSAPI. However, it seems that the credentials are
not getting passed.
>From the client..
debug1: Next authentication method: gssapi-with-mic
debug2: we sent a
2002 Oct 04
1
Confirming kerberos for upcoming OpenSSH portable release.
O.K. I know it was too late to make changes for the next release, but
thankfully there werent any changes needed. Kerberos over ssh protocol 1
worked out of the box from CVS today (2002/10/04-14:30)
The krb5 patches we were using (I think from Olaf K) was all in the
code. The only thing I had to patch to get things working was removing
the scard-install from the Makefile.in
The compiled code
2017 Nov 01
2
Winbind, Kerberos, SSH and Single Sign On
Hi,
at first I'm not sure if this is the correct list to ask this question.
But since I'm using winbind I hope you can help me.
I try to realize a kerberized ssh from one client to another. Both
clients are member of subdom2.subdom1.example.de and joined to it. The
users are from example.de, where subdom1.example.de is a subdomain
(bidirectional trust) of example.de and
2006 Feb 27
2
Bug in Kerberos support for openssh.
It took me a while to track this down. I am using MIT Kerberos 1.4.3
and libgssapi-0.7. With some patches that came with Suse 10, but that
doesn't appear to be relevant. I have been using openssh-4.2p1 (with
Simon's patches) and openssh-4p3p2 out of the box. I see the same
problem no matter which version of openssh I am using. I am using two
Suse Linux x86 boxes as a test
2001 Feb 14
1
Kerberos/GSSAPI support
Hi,
Just wondering if anyone was looking at implementing
draft-ietf-secsh-gsskeyex-00 in OpenSSH?
My patches for SSH version 1 Kerberos 5 support (heavily based upon
work done by Dan Kouril) are now available from
http://www.sxw.org.uk/computing/patches/
Is there any interest in integrating these into the distribution? If so, I'd
be happy to update them to the development version.
Cheers,
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm pleased to (finally) announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for
doing GSSAPI user authentication, this only allows the underlying
security mechanism to authenticate the user to the server, and
continues to use SSH host keys to authenticate the server to the
2009 Apr 19
1
Stack trace dor gssapi-with-mic
I think I had better update akk the kerberos and gssapi to the latest?
Please advise.
Thanks
Tedc
ssh -vvv admin at geronimo.creedon.biz
<<<<<<<<snip>>>>>>>>>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa (0x568da0)
debug2: key:
2014 Jun 18
15
[Bug 2246] New: PAM enhancements for OpenSSH server
https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Bug ID: 2246
Summary: PAM enhancements for OpenSSH server
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: enhancement
Priority: P5
Component: PAM support
Assignee: unassigned-bugs at
2004 Jan 22
11
Pending OpenSSH release: contains Kerberos/GSSAPI changes
(I hope this message is appropriate for these lists. If not, please
tell me and I won't do it again.)
Hi All.
There will be a new release of OpenSSH in a couple of weeks. This
release contains Kerberos and GSSAPI related changes that we would like
to get some feedback about (and hopefully address any issues with)
before the release.
I encourage anyone with an interest in