Pending OpenSSH release, call for testing.
Markus Moeller
huaraz at moeller.plus.com
Sun Sep 12 21:17:16 EST 2004
I haven't thought of inetd usage, I have to see how to get the right hostname in that
case.
I also don't know if my patch is the best solution to it as I have seen other approaches
which uses GSS_C_NO_NAME.
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=108023034206980&w=2
Thanks
Markus
On Sat Sep 11 14:42 , Darren Tucker <dtucker at zip.com.au> sent:
>Markus Moeller wrote:
>> Could you add to this release a patch which allows gssapi to be used on a
multihomed server please ?
>>
>> There have been several proposals in the past to fix this in
>> ssh_gssapi_acquire_cred
>> .
>> .
>> - if (gethostname(lname, MAXHOSTNAMELEN))
>> - return (-1);
>> + lname = get_local_hostname(packet_get_connection_in());
>
>Won't that break Kerberos authenticaton for sshd in inetd mode?
>
>--
>Darren Tucker (dtucker at zip.com.au)
>GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
>usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list