Date: Wed, 23 May 2001 12:15:29 -0700 (PDT) From: Peter Losher <Peter.Losher@nominum.com> To: "Jacques A. Vidrine" <n@nectar.com> Cc: Peter Losher <Peter.Losher@nominum.com>, <freebsd-stable@freebsd.org> Subject: Re: OpenSSH and Krb5, FreeBSD style... Message-ID: <Pine.NEB.4.33.0105231124500.9543-100000@shell1.nominum.com> In-Reply-To: <20010523111132.B441@shade.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 23 May 2001, Jacques A. Vidrine wrote: > On Wed, May 23, 2001 at 09:04:43AM -0700, Peter Losher wrote: > > First off, it shouldn't be looking at /usr/lib for any Kerberos libraries, > > it should be looking at /usr/local/krb5/lib as defined in configure. I > > will go ahead and take a look at the Makefiles for SSH2, but is there any > > way to prevent this 'mis-lookup'? > > This is a bug in SSH2's configure/build mechanism. Sounds like the > author neglected to be sure that if you specify where to find > libraries, that you feed those paths to the linker first. It is not > uncommon. Fix it, and send patches back to the author. Good news - I finally got the OpenSSH client to do Kerberos on my 4.3-RELEASE box (My problem was that I uncommented almost all of the Kerberos options, when only KerberosAuthenication was needed/supported) Ticket Authenication seems to work fine doing 'ssh -1', 'ssh -2' goes to password auth. Bad news, UW-IMAP suffers from the same linker problem <sigh>. Also, SSHD refuses to take any Krb5 authentication, tkt or password. I installed pam_krb5 from ports, replaced the commented out Krb4 line under sshd with one for pam_krb5.so, and now sshd segfaults whenever you type in a Kerberos password. <sigh> The joys of debugging - Any ideas? -Peter -- Peter.Losher@nominum.com - [ Systems Admin. | Nominum, Inc. ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.33.0105231124500.9543-100000>