[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heimdal and r* client programs
Tillman Hodgson wrote:
> On Tue, Aug 13, 2002 at 07:00:36PM -0400, Jason Garman wrote:
> > On Tue, Aug 13, 2002 at 01:49:58PM -0600, Tillman Hodgson wrote:
> > >
> > > Following up my own question, I can ssh to a kerberized machines with
> > > the version 1 protocol. It's version 2 (and automatically getting the
> > > TGT) that I'm interested in.
> > >
> > Look at http://www.sxw.org.uk/computing/patches/openssh.html. Note
> > however that last time I tried to use this patch with Heimdal I ran into
> > problems (since the MIT and Heimdal GSSAPI API are different, sigh...)
> > There's also a few other small patches I made for built in AFS aklog
> > support and there was some issue with saving generated TGTs from a
> > password login to the credentials cache. Let me know if you have any
> > issues.
> Does the TGT-upon-login work with version 1 of the ssh protocol? I've
> been playing with the GSSAPI version 2 stuff, and I'd like to compare it
> to the version 1 stuff.
If you are interested in the the GSSAPI for version 1, I do have mods to Simon's
mods. The SecureCRT product has a GSSAPI capability with version 1, which we have been
using for years. We intend to drop these when the GSSAPI for version 2 is implemented.
If you are interested, drop me a note, and what version of OpenSSH you have.
> I think it only makes sense to seek out and identify structures of authority,
> hierarchy, and domination in every aspect of life, and to challenge them;
> unless a justification for them can be given, they are illegitimate, and
> should be dismantled, to increase the scope of human freedom.
> - Noam Chomsky (Red and Black Revolution, 1996)
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439