Kerberos and OpenSSH - Was:Kerberos password auth/expiry kbdint patch

Damien Miller djm at mindrot.org
Fri May 16 09:36:23 EST 2003


Booker Bense wrote:

>>>> Because in the end we are held accountable.  Not Simon, not
>>>> you and not IETF.
>>
>> - So you'd rather go with an implementation that has KNOWN flaws,
>> just because it's short?


Well our lists have been strangely silent on these flaws, considering we
have been using the same code for our protocol 1 KrbV auth for years.

-d






More information about the openssh-unix-dev mailing list