[OpenAFS-devel] OpenSSH support for krb4/afs

Jeffrey Hutzelman jhutz@cmu.edu
Thu, 04 Sep 2003 11:32:37 -0400


On Thursday, September 04, 2003 16:59:56 +0200 Harald Barth 
<haba@pdc.kth.se> wrote:

>
>>   is there anyone who would help the OpenSSH guys to include
>> back the krb4 support? As they did not know how to fix problems,
>> they rather removed the support as a whole. :((
>
> I think krb5 and AFS (with 2b) gives me everything I would need. Any
> reason to keep v4?
>
> What is the status of v5 ticket forwarding in ssh today?

There is a standards-track extension to the SSHv2 protocol which adds 
GSSAPI-based user authentication, including credential delegation for those 
mechanisms which support it (such as GSS-KRB5).  It has been implemented in 
a variety of SSH clients and servers; there are patches available for 
OpenSSH 3.x, and I believe the new method will be included in the upcoming 
OpenSSH 3.7 release.

-- Jeff