[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sun Oct 15 04:44:04 AEDT 2023


Oliver Freyermuth <o.freyermuth at googlemail.com> changed:

           What    |Removed                     |Added
                 CC|                            |o.freyermuth at googlemail.com

--- Comment #19 from Oliver Freyermuth <o.freyermuth at googlemail.com> ---
Since most distros carry downstream patches by now to implement this
feature, and some of them introduce new potentially security relevant
bugs (I have seen memory corruption on some distros) and maintenance
problems when new versions are released, it seems to me that the
security of OpenSSH downstream (i.e. what users experience as OpenSSH)
is degraded in the current situation. So as a security-conscious user,
I'd really love to see this functionality upstream. 

As several downstream patches tested over years exist in distros, it
would be great to get a signal by upstream on whether this
functionality is not wanted upstream at all (i.e., closing this as
WONTFIX) or whether one of the patches is eligible, but would need
changes, such that the downstream community has some directions to help
to upstream this feature. 

You are receiving this mail because:
You are the assignee for the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list