On Thu, 18 Nov 1999, Peter Losher wrote:
> Has anyone gotten OpenSSH (v1.2) to work with KRB5? I have
> defined Kerberos by typing 'make KERBEROS=YES' and it defaults to
> KerberosIV as such in /usr/ports/security/openssh/:
OpenSSH currently only supports Kerberos v4. sorry. :-(
the Kerberos v5 support that was integrated into the original SSH was
based on my earlier Kerberos v4 patch - but it was implemented using the
same SSH auth protocol message types, so support for the two versions are
currently mutually exclusive. :-(
there may be some magic we can do to auto-detect/negotiate the version of
Kerberos being spoken, but i don't have any spare cycles to work on it
right now. any other Kerberos ppl willing to help?
> If there is a OpenSSH mailing list that this would be better
> served in, let me know (I couldn't find one on the OpenSSH web site).
Damien Miller is hosting one, at least until openssh.org is transferred to
the OpenSSH project. see http://violet.ibs.com.au/openssh/list.html
-d.
---
http://www.monkey.org/~dugsong/
> Has anyone gotten OpenSSH (v1.2) to work with KRB5? I have
> defined Kerberos by typing 'make KERBEROS=YES' and it defaults to
> KerberosIV as such in /usr/ports/security/openssh/:
OpenSSH currently only supports Kerberos v4. sorry. :-(
the Kerberos v5 support that was integrated into the original SSH was
based on my earlier Kerberos v4 patch - but it was implemented using the
same SSH auth protocol message types, so support for the two versions are
currently mutually exclusive. :-(
there may be some magic we can do to auto-detect/negotiate the version of
Kerberos being spoken, but i don't have any spare cycles to work on it
right now. any other Kerberos ppl willing to help?
> If there is a OpenSSH mailing list that this would be better
> served in, let me know (I couldn't find one on the OpenSSH web site).
Damien Miller is hosting one, at least until openssh.org is transferred to
the OpenSSH project. see http://violet.ibs.com.au/openssh/list.html
-d.
---
http://www.monkey.org/~dugsong/