Re: sshd, Tiger and KRB5CCNAME

---

• From: simon@xxxxxxxxxx (Simon Wilkinson)
• Date: Tue, 29 Aug 2006 15:13:41 +0100

---

On 25 Aug 2006, at 19:58, Alexandra Ellwood wrote:

Is the CCAPI patch even in what went out in the Tiger security
update? AFAICT, it's not, so perhaps the machines where it isn't
working have taken the update and the others have not.

No, it is. It looks like the Tiger security update combines the 4.2p1
OpenSSH release, with the latest version of my GSSAPI patches. These
patches included CCAPI support, but had a mistake where 'FILE:' was
appended to the ccname when creating the environment variable for the
ccache, rather than using 'API:'. You can get access to the delegated
cache by either changing, or unsetting, your KRB5CCNAME shell variable

GssapiKeyExchange is also present, but is now hidden behind an option
defaulting to off.

Simon.


________________________________________________
Kerberos mailing list Kerberos@xxxxxxx
https://mailman.mit.edu/mailman/listinfo/kerberos

.

---

• Follow-Ups:
  • Re: sshd, Tiger and KRB5CCNAME
    • From: Alexandra Ellwood

• References:
  • Re: sshd, Tiger and KRB5CCNAME
    • From: simon
  • Re: sshd, Tiger and KRB5CCNAME
    • From: Alexandra Ellwood

• Prev by Date: Re: krb5_db_init being used in do_as_req.c
• Next by Date: Re: sshd, Tiger and KRB5CCNAME
• Previous by thread: Re: sshd, Tiger and KRB5CCNAME
• Next by thread: Re: sshd, Tiger and KRB5CCNAME
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

newsgroups.derkeiler.com  > Archive  > Comp  > comp.protocols.kerberos  > 2006-08