OpenSSH/kerberos compile problem.

From: Mark Hannessen (mark_at_nperfection.com)
Date: 07/06/05

  • Next message: Mojito Jones: "RE: shutting down dictionary attacks"
    To: secureshell@securityfocus.com
    Date: Wed, 6 Jul 2005 19:58:51 +0200
    
    

    hi list,

    I am trying to compile openssh (4.1p1) with kerberos5 support.
    ./configure --prefix=/usr --with-kerberos5

    I am running the following system:
    LFS linux 5.0
    gcc (GCC) 3.4.3
    glibc 2.3.2
    MIT Kerberos 1.4.1

    configure runs fine, no errors, but sometime after running "make" it dies with
    the following error.

    gcc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o
    sshpty.o sshlogin.o servconf.o serverloop.o auth.o auth1.o auth2.o
    auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o
    auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o
    auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o
    auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o loginrec.o auth-pam.o
    auth-shadow.o auth-sia.o md5crypt.o audit.o audit-bsm.o -L. -Lopenbsd-compat/  
    -L/usr/local/lib -lssh -lopenbsd-compat   -lresolv -lcrypto -lutil -lz -lnsl  
    -lcrypt -lgssapi -lkrb5 -lk5crypto -lcom_err
    gss-serv.o: In function `ssh_gssapi_getclient':
    /tmp/openssh-4.0p1/gss-serv.c:218: undefined reference to `gss_export_name'
    gss-serv-krb5.o: In function `ssh_gssapi_krb5_storecreds':
    /tmp/openssh-4.0p1/gss-serv-krb5.c:183: undefined reference to
    `gss_krb5_copy_ccache'
    collect2: ld returned 1 exit status
    make: *** [sshd] Error 1

    anyone any idea what might cause this problem?
    I already tries reinstalling the kerberos library's and updating them to the
    latest version. but it didn't seem to help.

    Mark Hannessen.


  • Next message: Mojito Jones: "RE: shutting down dictionary attacks"

    Relevant Pages

    • Re: pam_krb5-3.5 on AIX / gcc: -b must come at the start of the command line
      ... compiler used to build Kerberos. ... build on gcc I opted to struggle through the build using gcc. ... maintain my own branch of kerberos libraries my boxen. ... want to minimize the dependencies of the resulting binaries. ...
      (comp.protocols.kerberos)
    • Re: pam_krb5-3.5 on AIX / gcc: -b must come at the start of the command line
      ... compiler used to build Kerberos. ... I built kerberos with IBM C and used gcc for the pam_krb5 module. ... maintain my own branch of kerberos libraries my boxen. ... want to minimize the dependencies of the resulting binaries. ...
      (comp.protocols.kerberos)
    • pam_krb5-3.5 on AIX / gcc: -b must come at the start of the command line
      ... gcc: '-b' must come at the start of the command line ... I've found various references to this issue on other applications that ... resolved in kerberos around version 1.3 or so; ... kerberos server, only the AD gives it troubles. ...
      (comp.protocols.kerberos)
    • pam_krb5-3.5 on AIX / gcc: -b must come at the start of the command line
      ... I am attempting to build pam_krb5-3.5 on AIX 5.3 with gcc 4.0.0 and I'm running into some type of gcc error: ... I've found various references to this issue on other applications that pointed to errors with linker flags and what-not, nothing I found seemed applicable to my problem. ... From what I have read it appears this was a known issue with AD switching from udp to tcp for users with large numbers of groups and was resolved in kerberos around version 1.3 or so; my older libraries would seem to be suspect. ... Otherwise it does work when talking to a native kerberos server, only the AD gives it troubles. ...
      (comp.protocols.kerberos)
    • Re: Heimdal with OpenLDAP backend: Cannot open /usr/lib/hdb_ldap.so
      ... I am part of the group that develops MIT Kerberos ... regarding documentation. ... Kerberos V setup instructions seem to be a dead end when using ...
      (freebsd-current)