Displaying 20 results from an estimated 3000 matches similar to: "GSSAPI Key Exchange Patch for OpenSSH 4.6p1"
2006 Oct 02
0
GSSAPI Key Exchange for 4.4p1
Hi,
I'm pleased to be able to announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.4p1.
This patch adds RFC4462 compatibility to OpenSSH, along with adding
additional GSSAPI support that is yet to make it into the main tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. This can be enabled through the
2009 Jul 26
0
GSSAPI Key Exchange Patch for OpenSSH 5.2p1
Somewhat belatedly, I'm pleased to announce the availability of my
GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay
in getting these out, a honeymoon, followed by the pressure of work,
made the first half of this year rather busy!
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
2010 Jan 24
0
GSSAPI Key Exchange Patch for OpenSSH 5.3p1
From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.
2008 Apr 04
0
GSSAPI Key Exchange Patch for OpenSSH 5.0p1 (plus an added extra)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's that time again! There's been another OpenSSH release, and once
again, I'm pleased to announce the availability of my GSSAPI Key
Exchange patch for it.
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
user. For sites with a deployed Kerberos
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm pleased to (finally) announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for
doing GSSAPI user authentication, this only allows the underlying
security mechanism to authenticate the user to the server, and
continues to use SSH host keys to authenticate the server to the
2006 Mar 06
0
GSSAPI Key Exchange patches for OpenSSH 4.3p2
Patches supporting GSSAPI Key Exchange in OpenSSH 4.3p2 are now
available from http://www.sxw.org.uk/computing/patches/openssh.html
These patches add support for performing GSSAPI key exchange to the
OpenSSH client and server. Whilst OpenSSH contains support for using
GSSAPI in the user authentication step, this is inadequate for many
sites, as it doesn't provide a mechanism for using
2006 Aug 17
5
[Bug 1218] GSSAPI client code permits SPNEGO usage
http://bugzilla.mindrot.org/show_bug.cgi?id=1218
Summary: GSSAPI client code permits SPNEGO usage
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2006 Oct 02
1
[Bug 1245] Add support for Darwin CCAPI
http://bugzilla.mindrot.org/show_bug.cgi?id=1245
Summary: Add support for Darwin CCAPI
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at
2006 Oct 02
3
[Bug 1242] GSSAPI Keyexchange support
http://bugzilla.mindrot.org/show_bug.cgi?id=1242
Summary: GSSAPI Keyexchange support
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at
2014 Jan 24
3
[Bug 2198] New: GSSAPIKeyExchange gssapi-keyex bug in kex.c choose_kex()
https://bugzilla.mindrot.org/show_bug.cgi?id=2198
Bug ID: 2198
Summary: GSSAPIKeyExchange gssapi-keyex bug in kex.c
choose_kex()
Product: Portable OpenSSH
Version: 6.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Kerberos support
2011 Jan 01
0
New release of GSSAPI Key Exchange patch
[ If you're not familiar with the GSSAPI key exchange patches, or unsure why they make OpenSSH usable in large Kerberos deployments, http://www.sxw.org.uk/computing/patches/openssh.html contains some background information ]
Regular readers of these emails will be aware that they've recently all begun with apologies for the delay in producing the patch - this has been down to a poor tool
2011 Jan 25
0
Announce: GSSAPI Key Exchange Patch for OpenSSH 5.7p1
Hi,
I'm pleased to announce the availability of my GSSAPI Key Exchange
patch for OpenSSH 5.7p1. In addition to adding support for key
exchange, vital for enterprise users of SSH and Kerberos, it also adds
a number of other GSSAPI related features:
*) Cascading Credential Renewal - when enabled, credentials
renewed on your local workstation are automatically forwarded to hosts
2007 Nov 15
3
GSSAPI Key Exchange Patch
Will Simon Wilkinson's GSSAPI Key Exchange patch ever be incorporated into
the OpenSSH source?
http://www.sxw.org.uk/computing/patches/openssh.html
I'm sure I'm not the only one that uses it and would like to see it become
part of the OpenSSH source. Is there something missing or is there some
technical/philosophical reason for not including it?
2007 Jan 10
0
Patches to current gssapi-with-mic support
Would it be possible for one of the developers to look at the
following Bugzilla entries,
and, if suitable, apply the patches attached to each bug?
http://bugzilla.mindrot.org/show_bug.cgi?id=1220
Fix error messages for multiple mechanism GSSAPI libraries
http://bugzilla.mindrot.org/show_bug.cgi?id=1225
Tidy up GSSAPI code
http://bugzilla.mindrot.org/show_bug.cgi?id=928
Kerberos/GSSAPI
2007 Sep 20
0
GSSAPI Key Exchange in sshd?
Hello,
Kevin Way wrote:
> I'm curious if there are technical (or other) reasons that prevent
> FreeBSD from adding RFC 4462 (GSSAPI Key Exchange) support to sshd.
> The MIT Kerberos team first requested this four years ago, and
> implementation patches have been available for years at:
> http://www.sxw.org.uk/computing/patches/openssh.html
>
> The author of those
2005 Sep 26
0
New GSSAPI Key Exchange patch for OpenSSH 4.2p1
Hi,
This is to announce the availability of a new version of my GSSAPI key
exchange patch for OpenSSH.
The code is available from
http://www.sxw.org.uk/computing/patches/openssh.html
Changes since the last release are:
*) Implement GSS group exchange
*) Disable DNS canonicalization of the hostname passed to the GSSAPI
library - an option is provided to allow this to be overriden on
2007 Jun 22
1
[Bug 1245] Add support for Darwin CCAPI
http://bugzilla.mindrot.org/show_bug.cgi?id=1245
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> 2007-06-22 15:34:00 ---
Do the
2017 Sep 23
2
DH Group Exchange Fallback
On 09/22/2017 06:55 PM, Tim Broberg wrote:
> Do I understand correctly, that you find the security of group 14 unacceptable and yet you left it enabled?
In the end, I'm trying to ensure a minimum equivalent of 128-bits of
security. Group14 is 2048-bits, which roughly translates to 112-bits. [1]
To this end, I disabled the "diffie-hellman-group14-sha1" and
2014 Oct 28
1
[Bug 2303] New: ssh (and perhaps even sshd) should allow to specify the minimum DH group sizes for DH GEX
https://bugzilla.mindrot.org/show_bug.cgi?id=2303
Bug ID: 2303
Summary: ssh (and perhaps even sshd) should allow to specify
the minimum DH group sizes for DH GEX
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
2006 Aug 18
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 -------
There isn't an easy fix for this, at