Date: Fri, 21 Aug 2009 11:52:40 +0200 From: "Matthias Andree" <matthias.andree@gmx.de> To: "John Marshall" <john.marshall@riverwillow.com.au>, freebsd-ports@freebsd.org Subject: Re: OpenSSH 5.2p1 with GSSAPI Authentication Message-ID: <op.uy0a121k1e62zd@balu.cs.uni-paderborn.de> In-Reply-To: <20090821070126.GJ2675@rwpc12.mby.riverwillow.net.au> References: <20090821070126.GJ2675@rwpc12.mby.riverwillow.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 21.08.2009, 09:01 Uhr, schrieb John Marshall <john.marshall@riverwillow.com.au>: > Does *anybody* have this working? > > I've been using SSH with GSSAPI authentication for a couple of years but > found it no longer worked with sshd on an FreeBSD 8.0-BETA. FreeBSD > 8.0-BETA has OpenSSH 5.2p1 included in the base system. I have tried > installing the OpenSSH 5.2p1 port (security/openssh-portable) on FreeBSD > 7.2 servers and I can't get that to work either. sshd from the OpenSSH > 5.1p1 included in the 7.n base system works fine. > > The only common denominator in all of my testing has been OpenSSH 5.2p1. > The debug logging from sshd shows that the gssapi library returns an > authentication failure; but gssapi authentication for squid and ldap > work fine on the same box (both 7.2 and 8.0). > > I'm stuck. The OpenSSH folks say that nothing has changed that would > break gssapi authentication. > > Does *anybody* have this working? How does this relate to your post on -CURRENT where you suggest upgrade Heimdal for 8.0 from 1.1.0 to 1.2.1 (you wrote that you needed that for OpenLDAP)? Have you built OpenSSH against Heimdal 1.2.1 or against 1.1.0? -- Matthias Andree
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.uy0a121k1e62zd>