On Thu, Dec 20, 2001 at 08:42:28PM +0000, Simon Wilkinson wrote: > Mathieu Nantel ([EMAIL PROTECTED]) wrote: > : Thanks for the answers. I guess I'll give OpenSSH another try at > : compiling with Kerberos. I've read that the problems I used to have were > : due to the implementation that they did which had functions that were > : only compatible with the Heimdal release. I didn't verify this fact > : though, so if anyone could clarify, that would he a handful. > > The entire ssh (and OpenSSH) with Kerberos history is a little complex. > I'll try and clarify things a bit: > > So after that, now for the good news - things could be better with v2. > There is a draft in the IETF secure shell working group which > describes a standard means of adding GSSAPI support to ssh protocol 2. > As others have noted, this draft removes the need for host keys when > using GSSAPI to secure the key exchange. I've implemented this draft > for OpenSSH, and it should work with both MIT and Heimdal Kerberos. I'm > eager to hear of progress with SEAM.
A note: Simon's patches to OpenSSH for GSS-API/Kerberos V support ROCK. > Hope that is of some use! > > Cheers, > > Simon. Thanks Simon, Nico -- -DISCLAIMER: an automatically appended disclaimer may follow. By posting- -to a public e-mail mailing list I hereby grant permission to distribute- -and copy this message.- Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
