Patch to enable GSSAPI bits in openssh-portable

[Peter Losher]

Hi -

Attached are patches to ssh{d}_config to enable the relevant bits when
you compile Krb5/GSSAPI support in. (currently they are turned off)
They also enable PermitRootLogin without-password (for those who want to
allow authentication w/ a Krb5 ticket @root)

Please consider these patches for inclusion into the openssh-portable
port (when Krb5 support is detected and compiled in)

Best Wishes - Peter
--
Peter_Losher at isc.org | ISC | OpenPGP 0xE8048D08 | "The bits must flow"
-------------- next part --------------
--- ssh_config.orig	Fri Feb 18 21:11:35 2005
+++ ssh_config	Fri Feb 18 21:12:03 2005
@@ -35,3 +35,4 @@
 #   Cipher 3des
 #   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
 #   EscapeChar ~
+GSSAPIAuthentication yes
-------------- next part --------------
--- sshd_config.orig	Fri Feb 18 21:10:13 2005
+++ sshd_config	Fri Feb 18 21:11:28 2005
@@ -34,7 +34,7 @@

 #LoginGraceTime 2m
 #PermitRootLogin yes
-PermitRootLogin no
+PermitRootLogin without-password
 #StrictModes yes
 #MaxAuthTries 6

@@ -61,13 +61,13 @@
 ChallengeResponseAuthentication no

 # Kerberos options
-#KerberosAuthentication no
+KerberosAuthentication yes
 #KerberosOrLocalPasswd yes
 #KerberosTicketCleanup yes
 #KerberosGetAFSToken no

 # GSSAPI options
-#GSSAPIAuthentication no
+GSSAPIAuthentication yes
 #GSSAPICleanupCredentials yes

 # Set this to 'yes' to enable PAM authentication, account processing,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20050223/16e124b2/signature.bin