[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: heimdal 0.8.1 troubles

On Jun 19, 2007, at 11:35 AM, vadim wrote:

> Hi all,
> I have openssh+heimdal-0.6.4 boxes and solaris 10 ssh boxes. As KDC I
> use MS AD.
> If I ssh from any of them to openssh+heimdal-0.8.1 I always get error
> message which sounds like "Decrypt integrity whatsoever failed".
> The fact, that heimdal-0.8.1 has troubles to be an GSSAPI acceptor  
> with
> heimdal-0.6.4 as an initiator is somehow surprising. In fact, I do not
> observe same problems between heimdal 0.6.4 and 0.7.2 (despite of the
> fact, that 0.6.4 has less interoperability issues with solaris 10
> kerberos implementation -:)).
> Can it be that something became fundamentally broken in heimdal 0.8.1?
> best regards, vadim tarassov

IIRC older Heimdal had some compatibility bug w.r.t. other K5/GSSAPI  
implementations.  There's probably some extra compatibility code in  
0.8.1 to work with the broken versions.

Love would know for sure.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu