[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal and r* client programs

Tillman Hodgson wrote:
> On Tue, Aug 13, 2002 at 07:00:36PM -0400, Jason Garman wrote:
> > On Tue, Aug 13, 2002 at 01:49:58PM -0600, Tillman Hodgson wrote:
> > >
> > > Following up my own question, I can ssh to a kerberized machines with
> > > the version 1 protocol. It's version 2 (and automatically getting the
> > > TGT) that I'm interested in.
> > >
> > Look at http://www.sxw.org.uk/computing/patches/openssh.html.  Note
> > however that last time I tried to use this patch with Heimdal I ran into
> > problems (since the MIT and Heimdal GSSAPI API are different, sigh...)
> >
> > There's also a few other small patches I made for built in AFS aklog
> > support and there was some issue with saving generated TGTs from a
> > password login to the credentials cache.  Let me know if you have any
> > issues.
> Does the TGT-upon-login work with version 1 of the ssh protocol? I've
> been playing with the GSSAPI version 2 stuff, and I'd like to compare it
> to the version 1 stuff.

If you are interested in the the GSSAPI for version 1, I do have mods to Simon's
mods. The SecureCRT product has a GSSAPI capability with  version 1, which we have been
using for years. We intend to drop these when the GSSAPI for version 2 is implemented. 

If you are interested, drop me a note, and what version of OpenSSH you have.
> -T
> --
> I think it only makes sense to seek out and identify structures of authority,
> hierarchy, and domination in every aspect of life, and to challenge them;
> unless a justification for them can be given, they are illegitimate, and
> should be dismantled, to increase the scope of human freedom.
>         - Noam Chomsky (Red and Black Revolution, 1996)


 Douglas E. Engert  <DEEngert@anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444