Displaying 20 results from an estimated 20000 matches similar to: "[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts"
2006 Aug 18
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 -------
There isn't an easy fix for this, at
2016 Aug 17
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #16 from kgizdov <mindrot at kge.pw> ---
Apparently, some good Samaritan already made patches compatible with
the current version of OpenSSH. There is a package on the Arch User
Repo (openssh-gssapi 7.1p2-1) that implements them. Here are the
patches themselves:
2005 Jun 08
1
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
------- Additional Comments From dleonard at vintela.com 2005-06-08 22:16 -------
a workaround at http://blog.macnews.de/unspecific/stories/4581/
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2006 Oct 23
1
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
------- Comment #7 from jan.iven at cern.ch 2006-10-24 02:17 -------
Created an attachment (id=1202)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1202&action=view)
(simplified patch - no config option)
Given that the GSSAPI library will (unconditionally) use DNS anyway,
perhaps we don't need yet another client-side config
2007 Sep 15
0
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #9 from Simon Wilkinson <simon at sxw.org.uk> 2007-09-15 20:59:25 ---
I've noted this on the mailing list too, but just for the record,
the simplified patch is incorrect. GSSAPI != Kerberos, and even
within the Kerberos space, some vendors ship with
canonicalisation disabled.
If we are going to ship a workaround for
2016 Aug 07
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
Colin Watson <cjwatson at debian.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cjwatson at debian.org
--- Comment #15 from Colin Watson <cjwatson at debian.org> ---
I think it would make
2016 Aug 19
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #17 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to kgizdov from comment #16)
> I hope this helps.
Not really. Those have a lot of other changes (mostly the GSSAPI key
exchange support) and it still uses get_canonical_hostname() which is
currently not available in the client.
According to Damien reasoning
2023 Oct 14
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #20 from Christoph Anton Mitterer <calestyo at scientia.org> ---
I think this was answered last year in this thread:
https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-May/040285.html
and unfortunately it seems there won't be any merging of the GSSAPI
patch. :-(
There's:
2005 Mar 31
2
[Bug 1008] GSSAPI authentication failes with Round Robin DNS hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
Summary: GSSAPI authentication failes with Round Robin DNS hosts
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: openssh-bugs at mindrot.org
2013 May 22
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
DarioP <pellegrini.dario at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |pellegrini.dario at gmail.com
--- Comment #11 from DarioP <pellegrini.dario at gmail.com> ---
(In reply to
2016 Jul 15
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
kgizdov <mindrot at kge.pw> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mindrot at kge.pw
--- Comment #12 from kgizdov <mindrot at kge.pw> ---
I just wanted to chime in here to say that
2016 Jul 18
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #13 from Darren Tucker <dtucker at zip.com.au> ---
well it was never
2016 Aug 04
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #14 from Mike Frysinger <vapier at gentoo.org> ---
(In reply to Darren Tucker from comment #13)
the original patch written in 2006 was against openbsd cvs, and it
included a config option to turn it on/off (with the default being
off). it largely applied cleanly up through 7.2 until the
get_canonical_hostname refactor.
since
2016 Nov 08
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
Eitan Adler <lists at eitanadler.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |lists at eitanadler.com
--
You are receiving this mail because:
You are the assignee for the bug.
You are
2003 Oct 24
0
openssh3.7.1p2 + krb5 round-robin dns issue
Hello All,
I've encountered a problem with OpenSSH_3.7.1p2 and krb5 authentication
that I did not have using previous OpenSSH versions and krb5.
I have a group of machines that are all listed as addresses for
hostname.domain.blah via round-robin dns. When attempting to ssh to
hostname.here.blah using krb5 auth, I get the following error:
(client side)
debug1: Authentications that can
2018 Jun 12
1
[Announcement] Tinc version 1.1pre16 released
With pleasure we announce the release of tinc version 1.1pre16. Here is
a summary of the changes in tinc 1.1pre16:
* Fixed building with support for UML sockets.
* Documentation updates and spelling fixes.
* Support for MSS clamping of IP-in-IP packets.
* Fixed parsing of the -b flag.
* Added the ability to set a firemall mark on sockets on Linux.
* Minor improvements to the build system.
2018 Jun 12
1
[Announcement] Tinc version 1.1pre16 released
With pleasure we announce the release of tinc version 1.1pre16. Here is
a summary of the changes in tinc 1.1pre16:
* Fixed building with support for UML sockets.
* Documentation updates and spelling fixes.
* Support for MSS clamping of IP-in-IP packets.
* Fixed parsing of the -b flag.
* Added the ability to set a firemall mark on sockets on Linux.
* Minor improvements to the build system.
2007 Jan 13
5
multipath device round robin not working?
Hi,
I have a linux server running kernel 2.6.19 that is connected with 2
seperate 100Mbit links to the same isp:
+---+
+---------------+ | I |
+---------------+
| | | S |
| |
| eth0 --+--------------+ P |
| |
2009 Jul 26
0
GSSAPI Key Exchange Patch for OpenSSH 5.2p1
Somewhat belatedly, I'm pleased to announce the availability of my
GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay
in getting these out, a honeymoon, followed by the pressure of work,
made the first half of this year rather busy!
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
2010 Jan 24
0
GSSAPI Key Exchange Patch for OpenSSH 5.3p1
From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.