[Bug 2063] New: RFE: export principal which was used for .k5login

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jan 17 00:55:38 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=2063

            Bug ID: 2063
           Summary: RFE: export principal which was used for .k5login
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 6.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Kerberos support
          Assignee: unassigned-bugs at mindrot.org
          Reporter: enrico.scholz at sigma-chemnitz.de

It would be nice to have information which principal was used for log
in 
via .k5login.  E.g. 'gitolite' uses by default ssh public keys (where
real identity can be easily recorded by environment/commands in
~/.ssh/authorized_keys) and it will be trivial to implement a similar
mechanism for kerberos auth, when original principal is exported
somehow.

A patch is available at

http://geggus.net/sven/blogfiles/GSS_AUTH_KRB5_PRINC-env4openssh.diff


See

http://blog.gegg.us/2012/07/using-gitolite-with-kerberos-authentication/
https://groups.google.com/forum/?fromgroups=#!topic/comp.protocols.kerberos/6b7tSA-og0k

for some more discussions.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list