Displaying 20 results from an estimated 1000 matches similar to: "SSH2 GSSAPI/KerberosV."
2006 Aug 18
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 -------
There isn't an easy fix for this, at
2006 Aug 18
1
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=928
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #2 from simon at sxw.org.uk 2006-08-19 08:31 -------
I'd rather see us move towards just using
2004 Feb 09
4
Some GSSAPI/Kerberos Questions
After reading some more from the archives, a private email, and some
general research, I see that KerbV support has been dropped in favor
of GSSAPI.
Which is fine, and wonderful, I support GSSAPI.
But, erm, the announcement says, "This release contains some GSSAPI
user authentication support to replace legacy KerberosV authentication
support. At present this code is still considered
2001 May 18
0
OpenSSH GSSAPI patches
An updated version of my GSSAPI patches for OpenSSH 2.9p1 is finally
available from
http://www.sxw.org.uk/computing/patches/openssh.html
These patches fix a bug with the hash calculation which will break
interoperation with earlier versions - sorry!
This release supports both Kerberos and GSI (thanks to Von Welch for the GSI
support) mechanisms, and the code in it has now been widely tested
2006 Aug 17
5
[Bug 1218] GSSAPI client code permits SPNEGO usage
http://bugzilla.mindrot.org/show_bug.cgi?id=1218
Summary: GSSAPI client code permits SPNEGO usage
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2001 May 10
0
Buglet in my GSSAPI patches
Just a quick heads up to warn those of you using my gss-keyex patches that
there's a small buglet in them which will affect interoperability. I'm
building the hash incorrectly (by including a zero length string where there
shouldn't be one). This will mean that when trying to interoperate with other
implementations (if there are any :-) you'll get a message about the MIC not
2001 Jun 04
0
GSSAPI patch
As much as I hate to raise the question of another large contributed patch,
given recent traffic, what are the chances of my patch for GSSAPI
authentication making it into the tree?
Its now been widely reviewed, and seems to be seeing a fair bit of use. There
is support for multiple GSSAPI mechanisms. I'm happy to adapt the patch as
necessary to get it included - either against the
2011 Jan 01
0
New release of GSSAPI Key Exchange patch
[ If you're not familiar with the GSSAPI key exchange patches, or unsure why they make OpenSSH usable in large Kerberos deployments, http://www.sxw.org.uk/computing/patches/openssh.html contains some background information ]
Regular readers of these emails will be aware that they've recently all begun with apologies for the delay in producing the patch - this has been down to a poor tool
2001 Feb 14
1
Kerberos/GSSAPI support
Hi,
Just wondering if anyone was looking at implementing
draft-ietf-secsh-gsskeyex-00 in OpenSSH?
My patches for SSH version 1 Kerberos 5 support (heavily based upon
work done by Dan Kouril) are now available from
http://www.sxw.org.uk/computing/patches/
Is there any interest in integrating these into the distribution? If so, I'd
be happy to update them to the development version.
Cheers,
2001 May 21
1
Problems with Krb5/GSSAPI patches in FBSD 4.3
Hi,
I am trying to impliment OpenSSH v2.9p1 with the Krb5/GSSAPI patches at:
http://www.sxw.org.uk/computing/patches/openssh-2.9p1-gssapi.patch
On a FreeBSD 4.3-STABLE system (with both the integrated Heimdal libs and
the MIT Krb5 package from ports intstalled). I patched the src tree,
reconfigured, recompiled, installed, and it works - except for Krb5
passwords or Krb5 tickets. And I really
2007 Nov 15
3
GSSAPI Key Exchange Patch
Will Simon Wilkinson's GSSAPI Key Exchange patch ever be incorporated into
the OpenSSH source?
http://www.sxw.org.uk/computing/patches/openssh.html
I'm sure I'm not the only one that uses it and would like to see it become
part of the OpenSSH source. Is there something missing or is there some
technical/philosophical reason for not including it?
2003 May 01
1
GSSAPI patches
I'm please to announce that patches for GSSAPI support in 3.6.1p2 are
now available from
http://www.sxw.org.uk/computing/patches/openssh.html
These bring the patch set up to conditional compliance with version 6
of the GSSAPI draft, and fix a couple of long standing encoding bugs
pointed out by other implementors.
Cheers,
Simon.
-------------- next part --------------
A non-text attachment
2006 Aug 19
2
[Bug 1220] Fix error messages for multiple mechanism GSSAPI libraries
http://bugzilla.mindrot.org/show_bug.cgi?id=1220
Summary: Fix error messages for multiple mechanism GSSAPI
libraries
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo:
2006 Sep 10
1
[Bug 1225] Tidy up GSSAPI code
http://bugzilla.mindrot.org/show_bug.cgi?id=1225
Summary: Tidy up GSSAPI code
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at sxw.org.uk
2006 Oct 02
3
[Bug 1242] GSSAPI Keyexchange support
http://bugzilla.mindrot.org/show_bug.cgi?id=1242
Summary: GSSAPI Keyexchange support
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at
2001 Mar 20
1
Kerberos v5 and GSSAPI support in OpenSSH
An updated version of my patch for Kerberos v5 support is now available
from
http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch
This patch includes updated Kerberos v5 support for protocol version 1,
and also adds GSSAPI support for protocol version 2.
Unlike the Kerberos v5 code (which will still not interoperate with
ssh.com clients and servers), the GSSAPI support is based on
2002 Mar 21
1
GSSAPI/Kerberos support in OpenSSH 3.1p1
I've now completed updating my patches for GSSAPI in protocol v2 to
OpenSSH 3.1p1
See http://www.sxw.org.uk/computing/patches/openssh.html
As previously, you will need to apply the protocol v1 krb5 patch
before the GSSAPI one, and run autoreconf from an autoconf later
than 2.52
There are a number of improvements and minor bug fixes over previous
patches. However, due to protocol changes this
2007 Sep 20
0
GSSAPI Key Exchange in sshd?
Hello,
Kevin Way wrote:
> I'm curious if there are technical (or other) reasons that prevent
> FreeBSD from adding RFC 4462 (GSSAPI Key Exchange) support to sshd.
> The MIT Kerberos team first requested this four years ago, and
> implementation patches have been available for years at:
> http://www.sxw.org.uk/computing/patches/openssh.html
>
> The author of those
2006 Oct 02
0
GSSAPI Key Exchange for 4.4p1
Hi,
I'm pleased to be able to announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.4p1.
This patch adds RFC4462 compatibility to OpenSSH, along with adding
additional GSSAPI support that is yet to make it into the main tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. This can be enabled through the
2002 May 27
0
GSSAPI patches for OpenSSH 3.2.3p1
The latest version of my patches providing GSSAPI support for OpenSSH
is available from http://www.sxw.org.uk/computing/patches/openssh.html
These patches provide support for authentication mechanisms such as
Kerberos and GSI with version 2 of the SSH protocol. They are
conditionally compliant with draft-ietf-secsh-gsskeyex-03.txt, with
the optional error message passing and host key validation