Displaying 20 results from an estimated 1000 matches similar to: "Portable OpenSSH 2.9p2"
2001 May 18
0
OpenSSH GSSAPI patches
An updated version of my GSSAPI patches for OpenSSH 2.9p1 is finally
available from
http://www.sxw.org.uk/computing/patches/openssh.html
These patches fix a bug with the hash calculation which will break
interoperation with earlier versions - sorry!
This release supports both Kerberos and GSI (thanks to Von Welch for the GSI
support) mechanisms, and the code in it has now been widely tested
2001 Feb 14
1
Kerberos/GSSAPI support
Hi,
Just wondering if anyone was looking at implementing
draft-ietf-secsh-gsskeyex-00 in OpenSSH?
My patches for SSH version 1 Kerberos 5 support (heavily based upon
work done by Dan Kouril) are now available from
http://www.sxw.org.uk/computing/patches/
Is there any interest in integrating these into the distribution? If so, I'd
be happy to update them to the development version.
Cheers,
2012 Oct 10
1
ANNOUNCE: cifs-utils release 5.6 is ready for download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Time for another cifs-utils release!
Nothing terribly earth shattering here. Some distros (like Fedora) are
moving krb5 credcaches out of /tmp by default. Users of these distros
will definitely want to upgrade.
Highlights:
* Fixes for mounting with '/' in usernames with sec=krb5
* Support for DIR: type krb5 ccaches
* support for
2001 Sep 27
3
Kerberos in OpenSsh 2.9.9p2
I note with interest that Kerberos support is now available (for the version
1 protocol, at least) in OpenSSH 2.9.9p2. However, it does not build with MIT
Kerberos, due to the usual Heimdal/MIT library differences. These look, by
and large, like the same problems I encountered when porting Dan Kouril's
patch to MIT Kerberos - so I'm having a go at fixing them (my GSSAPI patches
need
2001 Mar 27
3
Kerberos 5 and OpenSSH 2.5.2p2
Are there any patches to enable Krb5 for OpenSSH? I'm trying to get a
proof of concept done so I can eventually roll Krb5 and OpenSSH out as our
primary AA infrastructure and I'm having a hard time of it. Can someone
point me to info to help?
--
Austin Gonyou
Systems Architect
Coremetrics, Inc.
Phone: 512-796-9023
email: austin at coremetrics.com
2005 Mar 15
1
SMB signing broken? 3.0.7 -> 3.0.8
Hi all.
I originally suspected this problem was with netbios (which I have
disabled by default) and Jerry has helped me out a bit with but I've
been doing some more digging and I think the problem lies back further
than I expected.
I was trying to upgrade from 3.0.7 to 3.0.11 so I've recompiled all
versions back from 3.0.11 and the problem first occured in 3.0.8. The
issue is with
2001 Jul 24
1
OpenSSH 2.9p2+Kerberos5 on RH7.1 fails
I've been installing OpenSSH 2.9p2 onto several RedHat Linux machines,
after compiling in the GSSAPI/Kerberos5 patch from here:
http://www.sxw.org.uk/computing/patches/openssh.html
I've been using ssh both to let users in via passwords and Kerberos
tickets, and both have been working fine...
except for one irritating machine, which (for no good reason I can see)
fails when using kerberos
2000 Dec 02
2
pam, openssh and opie
Hello folks, this looks about the only place I can find on issues dealing
with the subject line. The message that got me posting is included below the
line of *'s.
Basically I've tried getting this working with Pam authentication and using
the new login binary that comes with Opie 2.32. No joy.
I am using
RedHat 6.0
OpenSSH 2.3.0p1
Pam 0.66-18
I can get the opie challenge only on a
2001 Nov 07
1
what's the deal with openssh-3.0p1 and kerberos5?
The openssh-3.0 announcement said:
(...)
3) improved Kerberos support in protocol v1 (KerbIV and KerbV)
(...)
This seems to imply at least some krb5 support, but there is nothing
new in ./configure --help about it. Grepping the source, I see many
references to #ifdef KRB5. Trying to enable it manually (a #define
in config.h) gives errors about a missing krb5_auth_con_setaddrs_from_fd,
which I
2001 Mar 31
1
Diablo II cannot find CD
Hello!
I've installed Diablo II and then tried to start the game.
Even if I start the game from the cdrom, Diablo II complains it
couldn't start because of
Drive error:
Make sure that Diablo II CD-Rom is inserted
(this is only my translation)
my wine config cdrom part:
[Drive M]
"Type" = "cdrom"
"Path" = "/cdrom"
"Label" =
2001 Aug 10
2
Rhosts Authentication Problem on Solaris
Anyone, HELP!!!!!!!!!!!!!!
I currently installed openssh-2.9p2 on SunOS 5.7 and 5.8. From the very
moment that start to ssh out I get "Rhosts Authentication disabled ;the
originating ip will not be trusted". I 've put "Useprivileged yes " in the
ssh_config file, but then the ssh complains that there is a bad config line.
Can some one tell me what is going on and how can I
2008 Oct 21
1
No such file or directory - /var/lib/puppet/yaml/*
Hi,
I reinstalled puppet-server and am now getting these error messages from
clients:
err: /File[/var/lib/puppet/facts]: Failed to generate additional resources
during transaction: No such file or directory - /var/lib/puppet/yaml/node
err: /File[/var/lib/puppet/facts]: Failed to retrieve current state of
resource: No such file or directory - /var/lib/puppet/yaml/node Could not
describe /facts:
2002 May 15
3
Curious about final KRB5/GSSAPI patch inclusion.
What is the target version for all the KRB5 bits to be in place. I know
there is very much in place right now, but I remember someone mentioning
there was just a GSSAPI/MITKRB5 patch being waited for.
TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try
2008 Mar 12
3
[Bug 1276] Link stage fails when gssapi exists
https://bugzilla.mindrot.org/show_bug.cgi?id=1276
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1233| |ok+
Flag| |
2008 Jul 28
2
security of auto-sign?
I am looking into alternatives for the initial cert sign for new
puppet clients. We will have non-sysadmins kickstarting new hosts,
and I am trying to minimize the time they have to wait for a cert sign
while maintaining at least a marginally sane level of security.
My question is this: does the puppetmaster check that a new cert
request for host A (csr with subject "cn=A.mydomain") is
2009 May 23
7
[Bug 1601] New: Memory leak caused by forwarded GSSAPI credential store
https://bugzilla.mindrot.org/show_bug.cgi?id=1601
Summary: Memory leak caused by forwarded GSSAPI credential
store
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2009 Sep 01
19
[Bug 1644] New: Allow ip options except source routing
https://bugzilla.mindrot.org/show_bug.cgi?id=1644
Summary: Allow ip options except source routing
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2007 May 06
2
[Bug 1312] Add short command-line option -K for activating GSSAPIDelegateCredentials
http://bugzilla.mindrot.org/show_bug.cgi?id=1312
Summary: Add short command-line option -K for activating
GSSAPIDelegateCredentials
Product: Portable OpenSSH
Version: 4.4p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Kerberos support
2001 Sep 05
2
pam_limits and OpenSSH
Hi,
I have an account server with many users. It uses pam_limits module to
limit memory usage etc. The problem is that sometimes SSH rejects
connection after the password is entered. In syslog it prints something
like "fork: Resource temporary unavailable". After killing some root
processes it works perfectly.
Perhaps the daemon first sets process limits and then switches to
2002 May 29
0
pam_limits module bug and its effects on pam applications
On 2001-10-26 at 13:35:50 Nicolas Williams <Nicolas.Williams at ubsw.com> wrote:
> On Fri, Oct 26, 2001 at 02:11:13PM +0200, Markus Friedl wrote:
> > On Fri, Oct 26, 2001 at 10:14:21AM +1000, Damien Miller wrote:
> > > On Thu, 25 Oct 2001, Ed Phillips wrote:
> > >
> > > > What is the reasoning behind this? Do we want to see a lastlog entry for
>