Re: OpenSSH 8.7p1 update for the base system

From: Benjamin Kaduk <>
Date: Sat, 4 Sep 2021 21:04:07 -0700
Hi Ed,

I'm not sure whether this would be something for the release notes or not,
but I believe that making privilege separation mandatory causes GSSAPI
credential delegation to essentially not work.  (There are several pieces
that interact to make this happen, and I don't expect you to do any work to
try to fix it; this would just be a question of whether any documentation
of the change should occur.)


On Sat, Sep 04, 2021 at 11:59:06AM -0400, Ed Maste wrote:
> I'm preparing to update OpenSSH in the FreeBSD base system to 8.7p1,
> and am sharing an initial patch for testing.
> The update is available from a branch in my github repo:
> (commit 0afe07936bbd37a1b91ead95f580c47ccc16df79)
> Also as a diff against main:
> In addition I have a review open in Phabricator, although it is quite
> awkward to usefully review a vendor update presented like this.
> If you give it a try please let me know what you've tested out.
Received on Sun Sep 05 2021 - 04:04:07 UTC

Original text of this message