Possibility of backporting of Heimdal 1.1

Mike Tancsa mike at sentex.net
Tue Oct 7 14:57:02 UTC 2008

At 05:24 PM 10/6/2008, Galen Sampson wrote:
>I would like to second that.  The heimdal in 7.0 is quite old.  It 
>is in fact inoperable with an mit kerberos realm when using 
>ssh.  The byte order is incorrect such that you get MIC checksum 
>failures.  After much googling (not documented in the krb5.conf man 
>page or handbook) I found that a fix was added in the heimdal in 
>7.0, but defaults to the old incompatible byte order.  The heimdal 
>in current uses the correct byte order by default.  For those having 
>the this issue with freebsd 7.0 the fix is adding the following 
>lines to /etc/krb5.conf:
>correct_des3_mic = host/*@SOME.REALM
>Gunnar Flygt wrote:
>>Is there any possibility that heimdal 1.1 that works beautifully in
>>Current will be backported to FreeBSD-7.x?
>>Gunnar Flygt
>>Sveriges Radio Teknik/IT

I think someone mentioned the possibility of post 7.1R. But not 100% sure


More information about the freebsd-stable mailing list