ANNOUNCE: Hurdo-0.1.1 - Kerberos credential authenticated sudo. g.w at
Fri Apr 29 03:18:56 EDT 2011

Good morning, hope the day is starting out well for everyone.

I'd like to announce the availability of a minor upgrade to the Hurdo
package.  The update is available at the following URL:

Hurdo implements a framework for OpenSSH to support interactive
Kerberos credential export to a remote host.  The package also
includes a patch to sudo which allows the exported credentials to be
used to authenticate a privilege escalation request.

In combination these patches allow sudo to be used 'safely' in a
Kerberos environment.  Standard Kerberos support for sudo either
natively or through the use of PAM requires a Kerberos password to be
entered into a remote host which carries with it a system wide
security threat if the remote host is compromised.

This update features the following changes:

0.1.0 -> 0.1.1
	* Update sudo patch to sudo-1.7.6.

	* Added patch for SSH against openssh-5.6p1 patched with most
	  recent version of key exchange patch (201101).

	* No functionality changes.

Best wishes for a pleasant weekend.

As always,
Greg Wettstein

			 The Hurderos Project

"The greatest pleasure in life is doing what other people say you cannot do."
                                -- W. Bagehot

More information about the krbdev mailing list