ANNOUNCE: Hurdo-0.1.1 - Kerberos credential authenticated sudo.

g.w@hurderos.org g.w at hurderos.org
Fri Apr 29 03:18:56 EDT 2011


Good morning, hope the day is starting out well for everyone.

I'd like to announce the availability of a minor upgrade to the Hurdo
package.  The update is available at the following URL:

ftp://ftp.hurderos.org/pub/Hurdo/Hurdo-0.1.1.tar.gz

Hurdo implements a framework for OpenSSH to support interactive
Kerberos credential export to a remote host.  The package also
includes a patch to sudo which allows the exported credentials to be
used to authenticate a privilege escalation request.

In combination these patches allow sudo to be used 'safely' in a
Kerberos environment.  Standard Kerberos support for sudo either
natively or through the use of PAM requires a Kerberos password to be
entered into a remote host which carries with it a system wide
security threat if the remote host is compromised.

This update features the following changes:

0.1.0 -> 0.1.1
	* Update sudo patch to sudo-1.7.6.

	* Added patch for SSH against openssh-5.6p1 patched with most
	  recent version of key exchange patch (201101).

	* No functionality changes.

Best wishes for a pleasant weekend.

As always,
Greg Wettstein

------------------------------------------------------------------------------
			 The Hurderos Project

"The greatest pleasure in life is doing what other people say you cannot do."
                                -- W. Bagehot



More information about the Kerberos mailing list