Patch to enable GSSAPI bits in openssh-portable
Peter Losher
Peter_Losher at isc.org
Thu Feb 24 05:28:08 GMT 2005
Hi -
Attached are patches to ssh{d}_config to enable the relevant bits when
you compile Krb5/GSSAPI support in. (currently they are turned off)
They also enable PermitRootLogin without-password (for those who want to
allow authentication w/ a Krb5 ticket @root)
Please consider these patches for inclusion into the openssh-portable
port (when Krb5 support is detected and compiled in)
Best Wishes - Peter
--
Peter_Losher at isc.org | ISC | OpenPGP 0xE8048D08 | "The bits must flow"
-------------- next part --------------
--- ssh_config.orig Fri Feb 18 21:11:35 2005
+++ ssh_config Fri Feb 18 21:12:03 2005
@@ -35,3 +35,4 @@
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
+GSSAPIAuthentication yes
-------------- next part --------------
--- sshd_config.orig Fri Feb 18 21:10:13 2005
+++ sshd_config Fri Feb 18 21:11:28 2005
@@ -34,7 +34,7 @@
#LoginGraceTime 2m
#PermitRootLogin yes
-PermitRootLogin no
+PermitRootLogin without-password
#StrictModes yes
#MaxAuthTries 6
@@ -61,13 +61,13 @@
ChallengeResponseAuthentication no
# Kerberos options
-#KerberosAuthentication no
+KerberosAuthentication yes
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
-#GSSAPIAuthentication no
+GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20050223/16e124b2/signature.bin
More information about the freebsd-ports
mailing list