[OpenAFS-devel] OpenSSH support for krb4/afs
Jeffrey Hutzelman
jhutz@cmu.edu
Thu, 04 Sep 2003 11:32:37 -0400
On Thursday, September 04, 2003 16:59:56 +0200 Harald Barth
<haba@pdc.kth.se> wrote:
>
>> is there anyone who would help the OpenSSH guys to include
>> back the krb4 support? As they did not know how to fix problems,
>> they rather removed the support as a whole. :((
>
> I think krb5 and AFS (with 2b) gives me everything I would need. Any
> reason to keep v4?
>
> What is the status of v5 ticket forwarding in ssh today?
There is a standards-track extension to the SSHv2 protocol which adds
GSSAPI-based user authentication, including credential delegation for those
mechanisms which support it (such as GSS-KRB5). It has been implemented in
a variety of SSH clients and servers; there are patches available for
OpenSSH 3.x, and I believe the new method will be included in the upcoming
OpenSSH 3.7 release.
-- Jeff