krb5-1.2.8 on cygwin + kerberized ssh

Bob.Smart at csiro.au Bob.Smart at csiro.au
Fri May 30 17:29:25 EST 2003


I have made a bit of progress since I compiled
krb5-1.2.6.

./configure --with-cc=gcc --without-krb4 --disable-dns-for-kdc

It would be nice if there was an option to just
compile client stuff.

The resolv library problem went away. I don't know
if that was a change to krb5 or to cygwin. Bison
problems also went away.

Still need to add
      #include <errno.h>
to src/util/ss/ss_internal.h, otherwise the
linker gives _errno errors.

I didn't have libutil installed when I did the
configure and I found I needed to add -lutil to
the link of login.krb5 in src/appl/bsd.

After that everything seemed to work (against an
AD KDC). I tried kinit, klist and telnet -a.
It seemed to create the file in /tmp with
appropriate NTFS security restrictions.

Next I successfully compiled kerberized ssh. Now
I can ssh without mucking with ssh keys everywhere.
It would also be nice if openssh had an option for 
only compiling client stuff. Now I only need to 
integrate ms2mit and I'll be in SSO heaven 
[naturally ms2mit doesn't put the mit tgt in the 
right place for cygwin]

I suspect that the client parts of krb5 and
openssh don't require all that cygwin heavy
lifting and could be compiled with mingw with
a bit of effort.

Given that kerberos is a unifying feature linking
windows and unix it would be nice to see kerberos
and kerberized apps in cygwin.

Bob




More information about the openssh-unix-dev mailing list