Problems connecting to Solaris 10 SSH from GSSAPI-keyexpatchedOpenssh 4.2p1

Henry B. Hotz hotz at
Mon Sep 26 12:26:10 EDT 2005

When will those patches be available at your web site?


On Sep 26, 2005, at 9:02 AM, krbdev-request at wrote:

> Date: Mon, 26 Sep 2005 16:34:22 +0100
> From: Simon Wilkinson <simon at>
> To: Rob See <rob at>
> Cc: krbdev at
> Subject: Re: Problems connecting to Solaris 10 SSH from
> 	GSSAPI-keyexpatchedOpenssh 4.2p1
> Message-ID: <433814FE.107 at>
> In-Reply-To: <433810A7.1000507 at>
> References: <433810A7.1000507 at>
> Content-Type: text/plain; charset=ISO-8859-1
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Precedence: list
> Message: 2
> Rob See wrote:
>>     I'm having problems connecting to Solaris 10 SSH from Openssh  
>> 4.2p1
>> patched with Simon Wilkinson's gssapi-keyex patch or the Globus GSSAPI
>> patch. Openssh is compiled against kerberos 1.4.2. The connections  
>> fail
>> if I have a current kerberos ticket. The stock Openssh connects ok,  
>> but
>> the ticket doesn't get passed from one machine to another. Below are  
>> the
>> Openssh Client logs and the Solaris SSH Server logs. Does anyone have
>> any suggestions on how I might get this working  ?
> There's a bug in my patches in the way they handle a server sending the
> (optional) hostkey message during key exchange. This is fixed, along
> with assorted other bugs and issues in the key exchange code, in my
> updated patches for 4.2p1.
> Cheers,
> Simon.
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at, or hbhotz at

More information about the krbdev mailing list