From owner-freebsd-security Sat Nov 20 14:24:24 1999 Delivered-To: freebsd-security@freebsd.org Received: from funky.monkey.org (funky.monkey.org [63.77.239.12]) by hub.freebsd.org (Postfix) with ESMTP id 76DEA14E86 for ; Sat, 20 Nov 1999 14:24:19 -0800 (PST) (envelope-from dugsong@monkey.org) Received: by funky.monkey.org (Postfix, from userid 1001) id DBF94151A2; Sat, 20 Nov 1999 17:20:48 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by funky.monkey.org (Postfix) with ESMTP id CDDC814A01; Sat, 20 Nov 1999 17:20:48 -0500 (EST) Date: Sat, 20 Nov 1999 17:20:48 -0500 (EST) From: Dug Song To: Peter Losher Cc: freebsd-security@freebsd.org, openssh-unix-dev@mindrot.org Subject: Re: OpenSSH & Kerberos 5? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 18 Nov 1999, Peter Losher wrote: > Has anyone gotten OpenSSH (v1.2) to work with KRB5? I have > defined Kerberos by typing 'make KERBEROS=YES' and it defaults to > KerberosIV as such in /usr/ports/security/openssh/: OpenSSH currently only supports Kerberos v4. sorry. :-( the Kerberos v5 support that was integrated into the original SSH was based on my earlier Kerberos v4 patch - but it was implemented using the same SSH auth protocol message types, so support for the two versions are currently mutually exclusive. :-( there may be some magic we can do to auto-detect/negotiate the version of Kerberos being spoken, but i don't have any spare cycles to work on it right now. any other Kerberos ppl willing to help? > If there is a OpenSSH mailing list that this would be better > served in, let me know (I couldn't find one on the OpenSSH web site). Damien Miller is hosting one, at least until openssh.org is transferred to the OpenSSH project. see http://violet.ibs.com.au/openssh/list.html -d. --- http://www.monkey.org/~dugsong/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message