Kerberos and OpenSSH - Was:Kerberos password auth/expiry kbdint patch

Theo de Raadt deraadt at
Sat May 17 06:09:40 EST 2003

We have a very rational answer to the GSSAPI issue.

The code is too large.  Large blocks of code contain more errors.
OpenSSH strives to be more secure for everyone, and not risk their
security for a gigantic piece of functionality that less than < 0.001%
of the user community wants.

Simplicity reigns.

OpenSSH is a security sensitive piece of software.  Designing gigantic
addons to try to improve security is a ridiculous mistake; I am still
astounded by how many people keep building increasingly complicated
components to be used in security sensitive applications.

You want GSSAPI in OpenSSH?  Start simplifying it so that we can trust
it won't compromise the security of everyone else.  This is your task,
not ours.

I can't believe people keep talking about MITM attacks when buffer
overflows plague so many pieces of software.  So you want to solve
MITM attacks using how many lines of code that might have a buffer
overflows, integer overflows, and who knows what else?

Are you that completely out of touch with the current state of what is
being attacked?

I think this mail from me is being as nice as possible considering
this constant bullshit that arrives in my mailbox about this; if this
continued spew of rude mail from GSSAPI proponents keeps coming to the
OpenSSH group, you might prepare for having even more Kerberos
components being ripped out.  Adjust your attitude.  You may not talk
to us like that.

More information about the openssh-unix-dev mailing list