[PATCH] Set KRB5PRINCIPAL in user environment

David Newall openssh at davidnewall.com
Sat Mar 17 01:22:44 AEDT 2018


There are two things that you've said which strike a chord with me.

First is the patch which exports SSH_GSSAPI_DISPLAYNAME.  The reason why 
this strikes a chord with me is that I've had a similar need, but 
exporting the client's public key.  I developed a small patch and have 
been patching servers on the machines on which I have that need.  It 
never occurred to me that it might be something that I should seek to 
share with the wider community. Should I?  The patch is attached (unless 
this is a "strip all mime" list.)  It could be neater, for example by 
removing the debug statements.  Note that it exports the client's public 
key regardless of whether the session was authenticated using the 
corresponding private key.  (I'm happy to discuss why that was useful to 
me, but it's not really germane at this juncture.)

The second important thing that you said is that this is something: a) 
useful; b) for which a patch has been developed; c) years ago; and d) 
has been ignored.  Does OpenSSH need more people with write access to 
the source?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-pubkey-env.patch
Type: text/x-patch
Size: 4227 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20180317/c6647276/attachment.bin>

More information about the openssh-unix-dev mailing list