MIT Kerberos and OpenSSH
Tom Rhodes
trhodes at FreeBSD.org
Wed Jan 12 07:33:23 PST 2005
On Tue, 11 Jan 2005 19:02:27 +0200 (SAST)
Gareth Hopkins <ghopkins at uunet.co.za> wrote:
> On Tue, 11 Jan 2005, Marian Hettwer wrote:
>
> MH>Hej There,
> MH>
> MH>Jeremie Le Hen wrote:
> MH>>
> MH>>
> MH>> I'm not a buildworld guru, but I think that with NO_KERBEROS=yes,
> MH>> /usr/bin/sshd(8) will obviously NOT be linked with any krb library.
> MH>not true at all. NO_KERBEROS=yes says that heimdal kerberos shouldn't be
> MH>compiled, AFAIK.
> MH>
> MH>> IMHO, you should build OpenSSH from ports with the KERBEROS=yes knob.
> MH>>
> MH>that's the way I would go.
> MH>However, you need to make sure that the Ports OpenSSH doesn't interfer with
> MH>the Base OpenSSH.
>
> Howdie,
>
> Thanks for the replies. The reason for setting NO_KERBEROS is I do
> not want heimdal kerberos built, as I want to use the MIT package.
>
> There must be a way to get the base system openssh to build against
> the installed MIT port.
Have you asked Mark Murray about this? I think he has worked
with Kerberos in the base system.
--
Tom Rhodes
More information about the freebsd-security
mailing list