ssh-keygen (+kerberos +afs) opens NULL filename
Martin MOKREJŠ
mmokrejs at natur.cuni.cz
Thu Oct 17 18:05:15 EST 2002
On Thu, 17 Oct 2002, mho wrote:
> In message <Pine.OSF.4.44.0210161637140.315366-100000 at tao.natur.cuni.cz>, =?iso
> -8859-2?Q?Martin_MOKREJ=A9?= writes:
>
> >Juest tried kerberos without afs and still crashes. So, --with-kerberos4
> >is the cause. Once more - KTH KRB4-1.2 from
> >ftp://ftp.pdc.kth.se/pub/krb4/src
>
> What OpenSSL version are you using, and how is it compiled?
The binary was installed on Sep 25, I think it is actually
openssl-0.9.6-stable-SNAP-20020914.tar.gz. I know that some snapshots
failed in "make test" step. I posted an email to some openssl devel/bugs
list, but no replies so far. The version which I installed is the one
which passed tests. And I think it is the
openssl-0.9.6-stable-SNAP-20020914.tar.gz file.
When running configure for openssh-3.5p1 I get:
checking OpenSSL header version... 906080 (OpenSSL 0.9.6h-dev xx XXX xxxx)
checking OpenSSL library version... 906080 (OpenSSL 0.9.6h-dev xx XXX xxxx)
checking whether OpenSSL's headers match the library... yes
checking whether OpenSSL's PRNG is internally seeded... yes
OpenSSH has been configured with the following options:
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh-askpass
Manual pages: /usr/local/man/manX
PID file: /var/run
Privilege separation chroot path: /var/empty
sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
Manpage format: man
PAM support: yes
KerberosIV support: yes
KerberosV support: no
Smartcard support: no
AFS support: yes
S/KEY support: no
TCP Wrappers support: yes
MD5 password support: no
IP address in $DISPLAY hack: no
Use IPv4 by default hack: no
Translate v4 in v6 hack: no
BSD Auth support: no
Random number source: OpenSSL internal ONLY
Host: sparc-sun-solaris2.6
Compiler: gcc
Compiler flags: -I/software/@sys/usr/include -I/software/@sys/usr/include/ncurses -I/software/@sys/usr/openssl/include -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: -I/software/@sys/usr/openssl/include -Iyes -I/software/@sys/usr/include -I/software/@sys/usr/include/ncurses -I/software/@sys/usr/openssl/include -I/usr/local/include -I/usr/athena/include -I/usr/afsws/include
Linker flags: -L/software/@sys/usr/openssl/lib -R/software/@sys/usr/openssl/lib -Lyes -Ryes -L/usr/local/lib -R/usr/local/lib -L/usr/athena/lib -R/usr/athena/lib -L/usr/afsws/lib
Libraries: -lwrap -lpam -ldl -lkafs -lresolv -ldes -lkrb -lz -lsocket -lnsl -L/usr/local/lib -L/software/@sys/usr/lib -L/software/@sys/usr/openssl/lib -L/usr/lib -lcrypto -ldes
PAM is enabled. You may need to install a PAM control file
for sshd, otherwise password authentication may fail.
Example PAM control files can be found in the contrib/
subdirectory
> (I think I saw similar things a while ago when I had tried to
> compile a 64-bit OpenSSL).
>
> Is the OpenSSL compiled with the same compiler you are using for
> OpenSSH?
Yes, as I reinstalled /usr/local (actually moved most of the stuff to
/afs/@sys tree). I use gcc-3.0.4, self compiled on this machine.
>
> Is your krb4-1.2 linked against OpenSSL?
Yes, and against exactly same one.
> (Who is currently at the stage (on sun4x_58) where ssh protocol 1
> seems to work OK with krb5 tickets but proto 2 does strange things
> with KRB5CCNAME and requires password/key to log in:-))
Ask Jan Iven, who wrote some patches for openssh. ;)
>
--
Martin Mokrejs <mmokrejs at natur.cuni.cz>, <m.mokrejs at gsf.de>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany
tel.: +49-89-3187 3683 , fax: +49-89-3187 3585
More information about the openssh-unix-dev
mailing list