sshd, Tiger and KRB5CCNAME
Simon Wilkinson
simon at sxw.org.uk
Tue Aug 29 10:13:41 EDT 2006
On 25 Aug 2006, at 19:58, Alexandra Ellwood wrote:
>
> Is the CCAPI patch even in what went out in the Tiger security
> update? AFAICT, it's not, so perhaps the machines where it isn't
> working have taken the update and the others have not.
No, it is. It looks like the Tiger security update combines the 4.2p1
OpenSSH release, with the latest version of my GSSAPI patches. These
patches included CCAPI support, but had a mistake where 'FILE:' was
appended to the ccname when creating the environment variable for the
ccache, rather than using 'API:'. You can get access to the delegated
cache by either changing, or unsetting, your KRB5CCNAME shell variable
GssapiKeyExchange is also present, but is now hidden behind an option
defaulting to off.
Simon.
More information about the Kerberos
mailing list