FreeBSD 8.2: state of Kerberos, GSS-API and (Cyrus) SASL?

Jan Henrik Sylvester me at
Mon Jan 31 16:43:21 UTC 2011

On 01/-10/-28163 20:59, Vallo Kallaste wrote:
> Googling for the subject keywords gave me quite disturbing overall
> feeling. I have no personal experience but it seems that things are
> broken from the second half of 2010 and still not recovered? I got

GSSAPI of Heimdal 1.1 in FreeBSD base is still broken, GSSAPI of Heimdal 
1.4 in ports is supposed to work, but I have not been successful with 
Cyrus SASL (see below).

> KDC up and working on 8.2-RC2 base Heimdal without any glitch, but
> this is to be expected. What's the state about GSS-API and
> cyrus-sasl2 integration with base Heimdal? With ports Heimdal? Can I
> replace base Heimdal with one from ports, is it supported? Any
> make.conf knobs to fiddle with? Any info appreciated.

I am struggling with exactly the same problem. Unfortunately, I got no 
reply on this list about it:

If you get any further, please, tell me. I am thinking about reposting 
my question to a different list: stable as that is where the earlier 
discussions happened or ports as that seems more appropriate.

What I have not tried, yet, is using MIT Kerberos from ports instead of 
Heimdal, but since we use Heimdal here for everything, I am kind of 
reluctant. (Otherwise, I would have to setup some Linux server...)

Jan Henrik

More information about the freebsd-questions mailing list