Bug#474246: openssh-server: sshd no longer handles GSSAPIStrictAcceptorCheck no
Package: openssh-server
Version: 1:4.7p1-7
Severity: normal
Previoulsy in 4.6 (maybe earlier?), you could set
GSSAPIStrictAcceptorCheck to no, which would allow for authenticating
using any key in the keytab for the system, allowing you to log in to
a multi-homed address. Looking through the diff, support for this is
missing, other then handling the option in the config file.
Setting the option to no has no effect. Perhaps part of the patch got
dropped somehow?
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-server depends on:
ii adduser 3.107 add and remove users and groups
ii debconf [debconf-2.0] 1.5.20 Debian configuration management sy
ii dpkg 1.14.16.6 package maintenance system for Deb
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libcomerr2 1.40.8-2 common error description library
ii libkrb53 1.6.dfsg.3~beta1-4 MIT Kerberos runtime libraries
ii libpam-modules 0.99.7.1-6 Pluggable Authentication Modules f
ii libpam-runtime 0.99.7.1-6 Runtime support for the PAM librar
ii libpam0g 0.99.7.1-6 Pluggable Authentication Modules l
ii libselinux1 2.0.59-1 SELinux shared libraries
ii libssl0.9.8 0.9.8g-8 SSL shared libraries
ii libwrap0 7.6.dbs-14 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-6 Linux Standard Base 3.2 init scrip
ii openssh-client 1:4.7p1-7 secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
Versions of packages openssh-server recommends:
ii xauth 1:1.0.3-1 X authentication utility
-- debconf information:
* ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/disable_cr_auth: false
* ssh/encrypted_host_key_but_no_keygen:
Reply to: