similar to: Compiling Samba and kerberos, lib problems

Hello, I going to use ssh with Kerberos V5 support along with support for AFS. I don't want to use Kerberos V4 or AFS token passing. The only thing I need from AFS is creating an AFS token (using appropriate function from krb5 API) after user's authentication. It seems to me that such scenario is not much supported by the current code. Rather it is assumed only Kerberos 4 will be used

Okay, I've narrowed the problem down quite a bit. As previously reported, in CentOS 5.2 I get this: $ cvs log Makefile poll: protocol failure in circuit setup cvs [log aborted]: end of file from server (consult above messages if any) Turns out this is a problem with rsh: $ rsh khan ls connect to address 10.24.15.48 port 544: Connection refused Trying krb4 rsh... connect to address

Hi All, The OpenBSD tree is likely to be dropping KerberosIV support very soon. We will ultimately follow suit, but if there are many Krb4 users we may give a transition period of a release or two. AFAIK we don't compile at all against MIT KrbIV because of library conflicts. So, who is using OpenSSH Krb4 support at the moment? -d

Hi, I'm suffering from a memory corruption problem when compiling OpenSSH 3.0.2p1 with kth-krb4 1.1 on AIX 4.3.2 and 4.3.3. The symptom is that the file name gets zeroed out during ssh key generation, for example during "make install": Generating public/private rsa1 key pair. open failed: No such file or directory. ^ filename normally goes here When I remove krb4 from the

please test Olaf Kirch's patch. it looks fine to me, but i don't to K5. i'd like to see this in the next release. thx -m -------------- next part -------------- --- openssh-3.4p1/auth-krb5.c.krb Sun Jun 9 21:41:48 2002 +++ openssh-3.4p1/auth-krb5.c Tue Jul 23 15:15:43 2002 @@ -73,18 +73,17 @@ * from the ticket */ int -auth_krb5(Authctxt *authctxt, krb5_data *auth, char

http://bugzilla.mindrot.org/show_bug.cgi?id=324 ------- Additional Comments From jan.iven at cern.ch 2002-06-30 09:19 ------- Created an attachment (id=125) KRB4/KRB5/AFS with privsep ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Dear OpenSSH developers, Hello, I strongly support this suggestion ie. adding the sentence "This option has been disabled at compile time" as appropriate. It would be even more helpful if you said how to enable it (krb) at compile time. Remember, this is the only documentation available. I spent some time wondering about this before searching the archives. Ok, while we are on the

This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and other principal names in authorized_keys entries. It's a sort of replacement for .klogin and .k5login, but it's much more general than .k*login as it applies to any authentication mechanism where a name is associated with the ssh client and it supports name patterns and all the normal authorized_keys entry options

http://bugzilla.mindrot.org/show_bug.cgi?id=614 Summary: bug in krb4 support for OpenSSH on IRIX 64-bit ABI Product: Portable OpenSSH Version: 3.6.1p2 Platform: MIPS URL: http://lib.natur.cuni.cz/komanek/webland/html/unix/opens sh_patches.html OS/Version: IRIX Status: NEW Severity: normal

http://bugzilla.mindrot.org/show_bug.cgi?id=44 ------- Additional Comments From djm at mindrot.org 2002-05-13 15:39 ------- Have you filed a bug in the glibc bug tracking system? BTW, how did you compile with krb4 on Redhat 7.2 without running over libdes conflicts? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

Hello, I have tried to compile openssh-3.1p1 and then two later snapshots. It seems that I can not have support for KTH-Krb4, according to this errorlist from make: gcc -o ssh ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o -L. -Lopenbsd-compat/ -R/usr/local/ssl/lib -L/usr/local/ssl/lib -L/usr/local/lib -R/usr/local/lib -L/usr/athena/lib -R/usr/athena/lib -lssh

Hi, I've reported this problem a month ago on this list, and probably no-one is interested? Binaries were configured with krb4 and afs enabled. However, only the second crash seems to be related to krb4. Any thoughts? I had to add one line to includes.h: #include <sys/types.h> #include <sys/socket.h> #include <sys/ioctl.h> +#include <sys/ioccom.h> #include

I have made a bit of progress since I compiled krb5-1.2.6. ./configure --with-cc=gcc --without-krb4 --disable-dns-for-kdc It would be nice if there was an option to just compile client stuff. The resolv library problem went away. I don't know if that was a change to krb5 or to cygwin. Bison problems also went away. Still need to add #include <errno.h> to

My site uses Kerb 4 (actually AFS) for virtually all authentication. No users have local passwords on machines. We'd like to start allowing SSH2 connections, but OpenSSH 2.3.0p1 will not authenticate Kerberos passwords for SSH2 connections. In auth2.c: #ifdef KRB4 /* turn off kerberos, not supported by SSH2 */ options.kerberos_authentication = 0; #endif If I remove this

Hi How to get rid of kerberos, or at least to prevent to go into path? Where is defined the path for users? I need to configure and use rtools (I know that I should use ssh, but I need rtools) and I think very annoying the messages from Kerberized rsh or rlogin, like this: -sh-3.2$ rsh kitten02 connect to address 192.168.89.2 port 543: Connection refused Trying krb4 rlogin... connect to

I'm trying to recompile the source RPM from the FC3 version of cvs (http://ayo.freshrpms.net/fedora/linux/3/i386/SRPMS.updates/cvs-1.11.17-4.src.rpm), as the version shipped on RHEL/CentOS/etc has a known bug (version 1.11.2-unix "cvs watch on" doesn't work). The initial configure is failing with this obscure error: configure:2257: checking for C compiler default output file

Hello all, I'm not quite sure what has changed in the recent rsh commands, but I can't seem to get around the password promting. I need a clnk rsh between two machines in order to run my backup script. I added all the usual .rhosts with the proper permissions et al added the xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when I use the rsh commands, I get either a

Hi, I just got a comment from one of my IBM support engineeres that there is a problem with auth-passwd.c only calling authenticate() once. He claims it should potentially be called several times, in case several authetication methods are defined in /etc/security/user. F.ex.: SYSTEM = "NIS and DCE" Suggested (untested) patch should look like: ----------------- cut

http://bugzilla.mindrot.org/show_bug.cgi?id=324 Summary: privsep break KRB4 auth, KRB4 TGT forwarding and AFS token forwarding Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: