Re: MIT Kerberos and OpenSSH

From: Jeremie Le Hen (jeremie_at_le-hen.org)
Date: 01/11/05

  • Next message: Marian Hettwer: "Re: MIT Kerberos and OpenSSH" 
    Date: Tue, 11 Jan 2005 15:27:39 +0100
To: Gareth Hopkins <gareth@uunet.co.za>

    > Is there a way to get the default BSD 5.3 openssh to compile
    > against the MIT kerberos libraries? I have set NO_KERBEROS=yes in
    > /etc/make.conf so
    > that the heimdal kerberos is not built, and rebuilt world, then installed
    > /usr/ports/security/krb5 and rebuilt world again. sshd is however not being
    > built against MIT at all.
    >
    > [root@foobar] ~ # ldd /usr/sbin/sshd
    > /usr/sbin/sshd:
    > libssh.so.2 => /usr/lib/libssh.so.2 (0x28098000)
    > libutil.so.4 => /lib/libutil.so.4 (0x280c7000)
    > libz.so.2 => /lib/libz.so.2 (0x280d3000)
    > libwrap.so.3 => /usr/lib/libwrap.so.3 (0x280e3000)
    > libpam.so.2 => /usr/lib/libpam.so.2 (0x280eb000)
    > libcrypto.so.3 => /lib/libcrypto.so.3 (0x280f2000)
    > libcrypt.so.2 => /lib/libcrypt.so.2 (0x281e7000)
    > libc.so.5 => /lib/libc.so.5 (0x281ff000)

    I'm not a buildworld guru, but I think that with NO_KERBEROS=yes,
    /usr/bin/sshd(8) will obviously NOT be linked with any krb library.
    IMHO, you should build OpenSSH from ports with the KERBEROS=yes knob.

    Hope this helps.
    Regards, 

    -- 
Jeremie Le Hen
jeremie@le-hen.org
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Marian Hettwer: "Re: MIT Kerberos and OpenSSH"

    Relevant Pages

    • Re: MIT Kerberos and OpenSSH
      ... > that the heimdal kerberos is not built, and rebuilt world, then installed ... > built against MIT at all. ...
      (FreeBSD-Security)
    • Re: python for loop
      ... offsets and the like. ... FORTRAN was built (and rebuilt, ... Which rather begs the question of how varied intuition ...
      (comp.lang.python)
    • RE: Dependency problems
      ... I know that the project is being rebuilt because I see the output in the ... it will not be built. ... Also, for .NET projects, I know that as long as the project has not been ... are you checking the file update date of the output file ...
      (microsoft.public.vsnet.general)
    • Re: Keswick
      ... Transport understand as no-one has recently built or rebuilt a simple ... line such as ours on a closed construction site. ... or rebuilt a simple line such as ours on a closed construction site" ...
      (uk.railway)
    • Re: web pages only show as files
      ... G'day DavidF ... When I rebuilt the pages in Pub 2003, they were completely new pages - text, ... I built my web pages in Pub 98 with no problems at all - they published ... When I got Publisher 2003 I built a new set of web pages - all worked ...
      (microsoft.public.publisher.webdesign)