On Mon, 2009-11-16 at 16:53 -0500, Broekman, Maarten wrote: > Greg, > One thing I realized is that I forgot to mention is that I also > tried using the scan_interfaces and extra_addresses tags in my krb5.conf > but that didn't help. From the manpage for the krb5.conf these looked > like they might have addressed the issue.
Those settings don't pertain to this code. > Also ssh suffers from the > same problem as gssftp so I'm guessing this is a more general issue and > not specific to gssftp. Stock OpenSSH sshd has the same coding issue as ftpd, yes. If your sshd had the gss-keyex patch, you could control this behavior with the GSSAPIStrictAcceptorCheck config variable, but unfortunately Red Hat is not one of the OS vendors who incorporate the gss-keyex patch. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
