Kerberos password authentication and SSH2
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Fri Jan 12 08:45:19 EST 2001
On Thu, Jan 11, 2001 at 02:42:51PM -0500, Kevin Sullivan wrote:
> #ifdef KRB4
> /* turn off kerberos, not supported by SSH2 */
> options.kerberos_authentication = 0;
> #endif
>
> If I remove this snippet of code, then all works as expected and SSH2 users
> can authenticate. Why is this code here? Will I open a security hole by
> removing the code? I understand that ticket-forwarding, etc won't work.
you cannot remove this code and expect to automagically
get a full implementation of kerberosIV + SSH2.
until recently, there was no spec for kerberos over SSH2.
but perhaps kerberos-password authentication works, this needs
to be tested...
-markus
More information about the openssh-unix-dev
mailing list