windigo post-mortem

Daniel Kahn Gillmor dkg at
Sat Mar 22 01:04:03 EST 2014

On Fri 2014-03-21 03:35:20 -0400, Damien Miller <djm at> wrote:
> What is Is it linked to by some vendor patch? AFAIK
> pristine OpenSSH never links to it.

It's for the Linux kernel's stored-key API.

From debian:

Package: libkeyutils1
Source: keyutils
Version: 1.5.6-1
Installed-Size: 20
Maintainer: Luk Claes <luk at>
Architecture: amd64
Depends: libc6 (>= 2.14)
Pre-Depends: multiarch-support
Description-en: Linux Key Management Utilities (library)
 Keyutils is a set of utilities for managing the key retention facility in the
 kernel, which can be used by filesystems, block devices and more to gain and
 retain the authorization and encryption keys required to perform secure
 This package provides a wrapper library for the key management facility system
Description-md5: 5c4d88a0a818e5ef897f2a9fa5c3ac2d
Multi-Arch: same
Tag: implemented-in::c, role::shared-lib
Section: libs
Priority: standard
Filename: pool/main/k/keyutils/libkeyutils1_1.5.6-1_amd64.deb
Size: 8758
MD5sum: cec68a56387ef750ca89716761f59ed2
SHA1: fd7b6baa5aca294775ef8f9c51e65e003d641ed9
SHA256: b8f0d88776c44d59d30528d8ef81dba3a2519a53b71c8fe915a406f2e7a49bf1

It is a reverse dependency of libkrb5-3 and other k5 libraries, so it's
brought in by the gssapi vendor patchset, i think.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <>

More information about the openssh-unix-dev mailing list