ANNOUNCE: Hurdo-0.1.1 - Kerberos credential authenticated sudo.
g.w@hurderos.org
g.w at hurderos.org
Fri Apr 29 03:18:56 EDT 2011
Good morning, hope the day is starting out well for everyone.
I'd like to announce the availability of a minor upgrade to the Hurdo
package. The update is available at the following URL:
ftp://ftp.hurderos.org/pub/Hurdo/Hurdo-0.1.1.tar.gz
Hurdo implements a framework for OpenSSH to support interactive
Kerberos credential export to a remote host. The package also
includes a patch to sudo which allows the exported credentials to be
used to authenticate a privilege escalation request.
In combination these patches allow sudo to be used 'safely' in a
Kerberos environment. Standard Kerberos support for sudo either
natively or through the use of PAM requires a Kerberos password to be
entered into a remote host which carries with it a system wide
security threat if the remote host is compromised.
This update features the following changes:
0.1.0 -> 0.1.1
* Update sudo patch to sudo-1.7.6.
* Added patch for SSH against openssh-5.6p1 patched with most
recent version of key exchange patch (201101).
* No functionality changes.
Best wishes for a pleasant weekend.
As always,
Greg Wettstein
------------------------------------------------------------------------------
The Hurderos Project
"The greatest pleasure in life is doing what other people say you cannot do."
-- W. Bagehot
More information about the Kerberos
mailing list