similar to: Debian openssh option review: considering splitting out GSS-API key exchange

On Tue, Apr 02, 2024 at 01:30:11AM +0100, Colin Watson wrote: > * for Debian trixie (current testing): > > * add dependency-only packages called something like > openssh-client-gsskex and openssh-server-gsskex, depending on their > non-gsskex alternatives > * add NEWS.Debian entry saying that people need to install these > packages if they want to retain

https://bugzilla.mindrot.org/show_bug.cgi?id=1008 --- Comment #20 from Christoph Anton Mitterer <calestyo at scientia.org> --- I think this was answered last year in this thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2022-May/040285.html and unfortunately it seems there won't be any merging of the GSSAPI patch. :-( There's:

https://bugzilla.mindrot.org/show_bug.cgi?id=1422 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |WONTFIX Status|NEW |RESOLVED CC|

I am having problems getting a Nicherons TDM400P wildcard clone to dial out. Everything appears to be configured correctly, but although I see call progress, it never seems to actually pick up the phone. (The following is a test of 911 emergency, where I substitute 811 [repair service] as the actual number dialed.) *CLI> -- Executing [911 at from-internal:1]

I would like to request additional consideration for inclusion of the gss-keyex patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1242) into mainline OpenSSH. I know this comes up every few months, and I know that the current answer is "no" (as stated in November 2007), so I'll get straight to the new information and possibly-new arguments. 1. I conducted a careful, line-by-line

Adding libvirt mailing list apologies for cross-posting libvirt version: 9.7.0-1 On Thu, Sep 21, 2023 at 8:39?AM john doe <johndoe65534 at mail.com> wrote: > On 9/21/23 09:32, Bhasker C V wrote: > > I am getting an error with libivrt when I create a VM > > > > ``` > > $ sudo virsh create ./win11.xml > > error: Failed to create domain from ./win11.xml >

Just a quick heads up to warn those of you using my gss-keyex patches that there's a small buglet in them which will affect interoperability. I'm building the hash incorrectly (by including a zero length string where there shouldn't be one). This will mean that when trying to interoperate with other implementations (if there are any :-) you'll get a message about the MIC not

Hi, We were unable to use nsupdate-gss to a Windows 2003 Active Directory. I modified the nsupdate-gss script to use the local Domain Controller to do the DNS update and then it works (albeit giving a TKEY integrity error). The patch attached adds a 5th argument to the command line to specify the local Domain Controller to send the DNS update to. Usage: nsupdate-gss.pl HOST DOMAIN IP TTL

what about this? can we do about this if we break the protocol? -------------- next part -------------- An embedded message was scrubbed... From: Love <lha at stacken.kth.se> Subject: gss userauth Date: Fri, 22 Aug 2003 16:06:27 +0200 Size: 2878 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030822/f7bb85a0/attachment.mht

OpenSSH Unix Dev, Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build includes a number of patches, some general bug fixes and some platform- specific fixes and enhancements. These patches are available from our open source site (http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/ ). Following is a brief description of each patch. We'd be more than happy to

http://bugzilla.mindrot.org/show_bug.cgi?id=1369 Summary: gss-cleanup.sh sometimes fails on fast machines Product: Portable OpenSSH Version: 4.7p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org

On 04/16/2015 06:33 AM, Mike wrote: > Hi Johnny, > > Thank you for your response. I thought to choose the sernet package > because of the following stated in Samba Readme: > > Samba packages shipped in some distributions like e. g. Fedora, RHEL may > not be able to be used as Samba AD DC, because the distribution relies on > MIT Kerberos which isn't supported by

On Thu, Apr 16, 2015 at 6:03 PM, James Hogarth <james.hogarth at gmail.com> wrote: > This was required for kerberos secured updates prior to el7.1 and el6.6 ... > > The problem in the underlying kerberos libraries was resolved so that > kerberos based updates worked with gss again and spnego doesn't need to be > compiled in. >

Hai, ? Im know this might not be the place to ask, but im doing it anyway..? ;-) ? Im testing an debian Jessie server with squid3 ( 3.4.8 ) Its running Debian Samba 4.1.13 with winbind. ? Im having troubles, to get the squid auth working. So my question is is someone here using kerberos authentication on squid. ( 3.4.x ) Or someone who is using the gss-spnego helper protocol. ? Im using this

Dear all, I am trying to use ssanova of the gss package but met some error that I cannot figure out the answer for. Here is the code I am using to explain the problem. library(gss) set.seed(5732) x=(1:100)/100 y=1+3*sin(2*pi*x)+2*(x>0.7)+rnorm(x) x1=rnorm(100) x2=rnorm(100) part.fit=ssanova(y~x, partial=~cbind(x1,x2)) summary(part.fit) part.fit=ssanova(y~x, partial=~cbind(as.numeric(x1),x2))

Somewhat belatedly, I'm pleased to announce the availability of my GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay in getting these out, a honeymoon, followed by the pressure of work, made the first half of this year rather busy! Whilst OpenSSH contains support for GSSAPI user authentication, this still relies upon SSH host keys to authenticate the server to the

From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.

Hi, I'm pleased to announce the availability of my GSSAPI Key Exchange patch for OpenSSH 4.6p1. This patch adds support for the RFC4462 GSSAPI key exchange mechanisms to OpenSSH, along with some minor fixes for the GSSAPI code that is already in the tree. The patch implements: *) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key exchange mechanisms. (#1242) *)

Hi, I'm pleased to be able to announce the availability of my GSSAPI Key Exchange patch for OpenSSH 4.4p1. This patch adds RFC4462 compatibility to OpenSSH, along with adding additional GSSAPI support that is yet to make it into the main tree. The patch implements: *) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key exchange mechanisms. This can be enabled through the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's that time again! There's been another OpenSSH release, and once again, I'm pleased to announce the availability of my GSSAPI Key Exchange patch for it. Whilst OpenSSH contains support for GSSAPI user authentication, this still relies upon SSH host keys to authenticate the server to the user. For sites with a deployed Kerberos