ssh-keygen (+kerberos +afs) opens NULL filename

Martin MOKREJŠ mmokrejs at natur.cuni.cz
Thu Oct 17 18:05:15 EST 2002


On Thu, 17 Oct 2002, mho wrote:

> In message <Pine.OSF.4.44.0210161637140.315366-100000 at tao.natur.cuni.cz>, =?iso
> -8859-2?Q?Martin_MOKREJ=A9?= writes:
>
> >Juest tried kerberos without afs and still crashes. So, --with-kerberos4
> >is the cause. Once more - KTH KRB4-1.2 from
> >ftp://ftp.pdc.kth.se/pub/krb4/src
>
> What OpenSSL version are you using, and how is it compiled?

The binary was installed on Sep 25, I think it is actually
openssl-0.9.6-stable-SNAP-20020914.tar.gz. I know that some snapshots
failed in "make test" step. I posted an email to some openssl devel/bugs
list, but no replies so far. The version which I installed is the one
which passed tests. And I think it is the
openssl-0.9.6-stable-SNAP-20020914.tar.gz file.

When running configure for openssh-3.5p1 I get:

checking OpenSSL header version... 906080 (OpenSSL 0.9.6h-dev xx XXX xxxx)
checking OpenSSL library version... 906080 (OpenSSL 0.9.6h-dev xx XXX xxxx)
checking whether OpenSSL's headers match the library... yes
checking whether OpenSSL's PRNG is internally seeded... yes


OpenSSH has been configured with the following options:
                     User binaries: /usr/local/bin
                   System binaries: /usr/local/sbin
               Configuration files: /usr/local/etc
                   Askpass program: /usr/local/libexec/ssh-askpass
                      Manual pages: /usr/local/man/manX
                          PID file: /var/run
  Privilege separation chroot path: /var/empty
            sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                    Manpage format: man
                       PAM support: yes
                KerberosIV support: yes
                 KerberosV support: no
                 Smartcard support: no
                       AFS support: yes
                     S/KEY support: no
              TCP Wrappers support: yes
              MD5 password support: no
       IP address in $DISPLAY hack: no
          Use IPv4 by default hack: no
           Translate v4 in v6 hack: no
                  BSD Auth support: no
              Random number source: OpenSSL internal ONLY

              Host: sparc-sun-solaris2.6
          Compiler: gcc
    Compiler flags: -I/software/@sys/usr/include -I/software/@sys/usr/include/ncurses -I/software/@sys/usr/openssl/include -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: -I/software/@sys/usr/openssl/include -Iyes -I/software/@sys/usr/include -I/software/@sys/usr/include/ncurses -I/software/@sys/usr/openssl/include -I/usr/local/include -I/usr/athena/include -I/usr/afsws/include
      Linker flags: -L/software/@sys/usr/openssl/lib -R/software/@sys/usr/openssl/lib -Lyes -Ryes  -L/usr/local/lib -R/usr/local/lib -L/usr/athena/lib -R/usr/athena/lib -L/usr/afsws/lib
         Libraries: -lwrap -lpam -ldl -lkafs -lresolv -ldes -lkrb -lz -lsocket -lnsl -L/usr/local/lib -L/software/@sys/usr/lib -L/software/@sys/usr/openssl/lib -L/usr/lib -lcrypto -ldes

PAM is enabled. You may need to install a PAM control file
for sshd, otherwise password authentication may fail.
Example PAM control files can be found in the contrib/
subdirectory



> (I think I saw similar things a while ago when I had tried to
> compile a 64-bit OpenSSL).
>
> Is the OpenSSL compiled with the same compiler you are using for
> OpenSSH?

Yes, as I reinstalled /usr/local (actually moved most of the stuff to
/afs/@sys tree). I use gcc-3.0.4, self compiled on this machine.

>
> Is your krb4-1.2 linked against OpenSSL?

Yes, and against exactly same one.

> (Who is currently at the stage (on sun4x_58) where ssh protocol 1
> seems to work OK with krb5 tickets but proto 2 does strange things
> with KRB5CCNAME and requires password/key to log in:-))

Ask Jan Iven, who wrote some patches for openssh. ;)

>

-- 
Martin Mokrejs <mmokrejs at natur.cuni.cz>, <m.mokrejs at gsf.de>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany
tel.: +49-89-3187 3683 , fax: +49-89-3187 3585




More information about the openssh-unix-dev mailing list