GSSAPIDelegateCredentials only works for REQUIRES_PRE_AUTH principals?
Adam Megacz
megacz at cs.berkeley.edu
Thu Jun 10 14:40:28 EDT 2010
Russ Allbery <rra at stanford.edu> writes:
> I haven't looked at the code personally, but what I recall from what other
> people have said is that the code is structured so that doing proper error
> reporting is fairly difficult.
I can see how it might be difficult to get a message back to the client,
but it can't be all that hard to syslog it at the server... I don't find
that too discouraging.
> It can also quite hard to get OpenSSH upstream to take GSSAPI-related
> patches, depending on how those patches strike them.
This, on the other hand, is very discouraging.
Thanks for the heads-up.
- a
More information about the Kerberos
mailing list