Possibility of backporting of Heimdal 1.1
Galen Sampson
galen.sampson at gmail.com
Mon Oct 6 21:44:33 UTC 2008
I would like to second that. The heimdal in 7.0 is quite old. It is in
fact inoperable with an mit kerberos realm when using ssh. The byte
order is incorrect such that you get MIC checksum failures. After much
googling (not documented in the krb5.conf man page or handbook) I found
that a fix was added in the heimdal in 7.0, but defaults to the old
incompatible byte order. The heimdal in current uses the correct byte
order by default. For those having the this issue with freebsd 7.0 the
fix is adding the following lines to /etc/krb5.conf:
[gssapi]
correct_des3_mic = host/*@SOME.REALM
Gunnar Flygt wrote:
> Is there any possibility that heimdal 1.1 that works beautifully in
> Current will be backported to FreeBSD-7.x?
>
> Gunnar Flygt
> Sveriges Radio Teknik/IT
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
More information about the freebsd-stable
mailing list