[OpenAFS] OpenSSH 3.5p1 + ~/.shosts + token passing?
Charles Clancy
security@xauth.net
Fri, 8 Nov 2002 01:00:18 -0600 (CST)
> It seems like ~/.shosts and token passing with OpenSSH 3.5p1
> is broke. Or at least, I couldn't get it to work until I
> hacked the source some. All I did--more or less--was re-add
> code that was in the 2.3.0 (auth1.c) source. It seems like
> somebody removed code for ~/.shosts + token passing somewhere
> between 2.3.0 and 3.5.
>
> Does anybody know what's up with that? Or am I on the bleeding
> edge here? Or have I lost my marbles again?
Before, token passing was allowed in the authentication phase. Now it's a
session phase thing. From what I recall, it should work if you upgrade
your SSH client.
This code section seems particularly useful:
/* XXX - punt on backward compatibility here. */
...
case SSH_CMSG_HAVE_AFS_TOKEN:
packet_send_debug("AFS token passing disabled before authentication.");
break;
...
[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]