Kerberos and OpenSSH - Was:Kerberos password auth/expiry kbdint patch

Markus Friedl markus at
Fri May 16 00:30:16 EST 2003

On Thu, May 15, 2003 at 02:50:23PM +0100, Simon Wilkinson wrote:
> > The changes to the server to support kerberos-2 at are about 30
> > lines of new code in two files.
> >
> > Simon's code: 36 files changed, 3321 insertions(+), 9 deletions(-)
> I take your point that the GSSAPI code is more complex, but you're not
> really comparing like with like.

Of course this depends on your point of view.

To me simplicity of the server code is currently more important.

The "kerberos-2" changes add _no_ new code that's executed by the
privileged part of sshd and only about 30 lines for the unprivileged
half of sshd.


More information about the openssh-unix-dev mailing list