From owner-freebsd-current@FreeBSD.ORG Thu Jul 16 12:00:48 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 632D91065679 for ; Thu, 16 Jul 2009 12:00:48 +0000 (UTC) (envelope-from john.marshall@riverwillow.com.au) Received: from mail1.riverwillow.net.au (mail1.riverwillow.net.au [203.58.93.36]) by mx1.freebsd.org (Postfix) with ESMTP id B41F78FC28 for ; Thu, 16 Jul 2009 12:00:47 +0000 (UTC) (envelope-from john.marshall@riverwillow.com.au) Received: from rwpc12.mby.riverwillow.net.au (rwpc12.mby.riverwillow.net.au [172.25.24.168]) (authenticated bits=0) by mail1.riverwillow.net.au (8.14.3/8.14.3) with ESMTP id n6GC0ioe080599 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 16 Jul 2009 22:00:45 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=riverwillow.com.au; s=m1001; t=1247745645; bh=9XgXu0lxvKOTj9/cViyhJx7C7Bm0LNAoirKgPNkH4yk=; h=Date:From:To:Subject:Message-ID:References:Mime-Version: Content-Type:In-Reply-To; b=tubu2VcHJ83tj497F43XxVrPyUw3DJPE7pPImTUp84tG6vNeSlgeKIXpoV4GK0rwc CLAUxESnX/XMalklxoVvTcQR4Z6TXIRs1co7jKUYJhC868MyDS1koCQzRZ9GFUQ0Fb w5lHu8/sbpXoZz629Vea+2PwYBninOtjuFsVzemM= Received: from rwpc12.mby.riverwillow.net.au (localhost [127.0.0.1]) by rwpc12.mby.riverwillow.net.au (8.14.3/8.14.3) with ESMTP id n6GC0iI9018427 for ; Thu, 16 Jul 2009 22:00:44 +1000 (AEST) (envelope-from john.marshall@riverwillow.com.au) Received: (from john@localhost) by rwpc12.mby.riverwillow.net.au (8.14.3/8.14.3/Submit) id n6GC0i9n018426 for freebsd-current@freebsd.org; Thu, 16 Jul 2009 22:00:44 +1000 (AEST) (envelope-from john) Date: Thu, 16 Jul 2009 22:00:44 +1000 From: John Marshall To: freebsd-current@freebsd.org Message-ID: <20090716120043.GC17677@rwpc12.mby.riverwillow.net.au> Mail-Followup-To: freebsd-current@freebsd.org References: <20090708085202.GS1025@rwpc12.mby.riverwillow.net.au> <20090714053357.GH982@rwpc12.mby.riverwillow.net.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="YD3LsXFS42OYHhNZ" Content-Disposition: inline In-Reply-To: <20090714053357.GH982@rwpc12.mby.riverwillow.net.au> User-Agent: Mutt/1.4.2.3i OpenPGP: id=A29A84A2; url=http://pki.riverwillow.net.au/pgp/johnmarshall.asc Subject: Re: sshd GSSAPIAuthentication broken after 8.0-BETA1 upgrade X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jul 2009 12:00:48 -0000 --YD3LsXFS42OYHhNZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, 14 Jul 2009, 15:33 +1000, John Marshall wrote: > On Wed, 08 Jul 2009, 18:52 +1000, John Marshall wrote: > > I source upgraded a (test) server here (i386) from 7.2-RELEASE-p2 to > > 8.0-BETA1 this morning. I use GSSAPI as the primary authentication > > method for sshd on that server. After the upgrade GSSAPI authentication > > stopped working and I can't get enough information to figure out why. > > Perhaps the newer version of Heimdal behaves differently? Perhaps the > > newer version of sshd behaves differently? I think I've isolated this to the newer version of OpenSSH (5.2p1). Another service (squid) on this 8.0-BETA1 server authenticates clients via GSSAPI with no complaint. If I install the OpenSSH port (5.2p1) on a 7.2-RELEASE server I am seeing the same problem I am observing on 8.0-BETA1. --=20 John Marshall --YD3LsXFS42OYHhNZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEARECAAYFAkpfFmsACgkQw/tAaKKahKIOzACgyE5pmPgg+Th+izSbtPCduY0R CbUAn33JNtddIYVDawzIq7z0I2Fa41eT =TUya -----END PGP SIGNATURE----- --YD3LsXFS42OYHhNZ--