Kerberos and OpenSSH - Was:Kerberos password auth/expiry kbdint patch
Markus Friedl
markus at openbsd.org
Fri May 16 00:30:16 EST 2003
On Thu, May 15, 2003 at 02:50:23PM +0100, Simon Wilkinson wrote:
>
> > The changes to the server to support kerberos-2 at ssh.com are about 30
> > lines of new code in two files.
> >
> > Simon's code: 36 files changed, 3321 insertions(+), 9 deletions(-)
>
> I take your point that the GSSAPI code is more complex, but you're not
> really comparing like with like.
Of course this depends on your point of view.
To me simplicity of the server code is currently more important.
The "kerberos-2" changes add _no_ new code that's executed by the
privileged part of sshd and only about 30 lines for the unprivileged
half of sshd.
-markus
More information about the openssh-unix-dev
mailing list