Bug#128888: marked as done (ITP: ssh-krb5 - A version of OpenSSH patched to support Kerberos Authentication)

To: Sam Hartman <hartmans@debian.org>
Cc: wnpp@debian.org
Subject: Bug#128888: marked as done (ITP: ssh-krb5 - A version of OpenSSH patched to support Kerberos Authentication)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 19 Jan 2002 14:19:29 -0600
Message-id: <[🔎] handler.128888.D128888.101147111116816.ackdone@bugs.debian.org>
In-reply-to: <E16S1Xy-0007X3-00@pandora.debian.org>
References: <E16S1Xy-0007X3-00@pandora.debian.org> <[🔎] tsl3d1bemq2.fsf@loggerhead.mekinok.com>

Your message dated Sat, 19 Jan 2002 20:53:02 +0100
with message-id <E16S1Xy-0007X3-00@pandora.debian.org>
and subject line Bug#128888: fixed in openssh-krb5 3.0.2p1-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 12 Jan 2002 13:13:27 +0000
>From hartmans@debian.org Sat Jan 12 07:13:27 2002
Return-path: <hartmans@debian.org>
Received: from loggerhead.mekinok.com (server0.mekinok.com) [4.36.43.98] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 16PNyQ-0005ZH-00; Sat, 12 Jan 2002 07:13:27 -0600
Received: by server0.mekinok.com (Postfix, from userid 8042)
	id 2FDDE1F160; Sat, 12 Jan 2002 08:13:26 -0500 (EST)
Sender: hartmans@loggerhead.mekinok.com
To: submit@bugs.debian.org
Subject: ITP: ssh-krb5 - A version of OpenSSH patched to support Kerberos Authentication
x-debbugs-cc: debian-kerberos@mekinok.com, debian-devel@lists.debian.org, debian-ssh@lists.debian.org
From: Sam Hartman <hartmans@debian.org>
Date: 12 Jan 2002 08:13:25 -0500
Message-ID: <[🔎] tsl3d1bemq2.fsf@loggerhead.mekinok.com>
Lines: 128
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Delivered-To: submit@bugs.debian.org

--=-=-=

package: wnpp
severity: wishlist

Hi.  AS discussed below, I intend to package OpenSSH using the current
Debian sources with patches to allow krb5 authentication.  I will use
the patches available at
http://www.sxw.org.uk/computing/patches/openssh.html.  These patches
attempt to comply with draft-ietf-secsh-gss-keyex along with some of
the more common other types of Kerberos authentication.

The Kerberos packaging will follow guidelines agreed on by Debian
kerberos package maintainers and included in
/usr/share/doc/krb5-config/packaging-guidelines.txt.gz.  The package
will likely build withe either Heimdal or MIT Kerberos, although the
version uploaded to non-us will  be compiled against MIT Kerberos.  

Below is previous discussion on this package attempting to justify the
need for yet another ssh package in Debian.




--=-=-=
Content-Type: message/rfc822
Content-Disposition: inline

X-Sieve: cmu-sieve 2.0
Return-Path: <debian-kerberos-admin@mekinok.com>
Received: from loggerhead.mekinok.com (localhost [127.0.0.1])
	by server0.mekinok.com (Postfix) with ESMTP
	id 657751F179; Fri, 11 Jan 2002 16:27:15 -0500 (EST)
Delivered-To: debian-kerberos@mekinok.com
Received: by server0.mekinok.com (Postfix, from userid 8042)
	id 616681EA7B; Fri, 11 Jan 2002 05:46:28 -0500 (EST)
To: debian-ssh@lists.debian.org
Cc: debian-kerberos@mekinok.com
Subject: [Sam Hartman <hartmans@mekinok.com>] Handling ssh
From: Sam Hartman <hartmans@debian.org>
Message-ID: <tslg05dcghn.fsf@loggerhead.mekinok.com>
Lines: 72
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
Sender: debian-kerberos-admin@mekinok.com
Errors-To: debian-kerberos-admin@mekinok.com
X-BeenThere: debian-kerberos@mekinok.com
X-Mailman-Version: 2.0.8
Precedence: bulk
List-Help: <mailto:debian-kerberos-request@mekinok.com?subject=help>
List-Post: <mailto:debian-kerberos@mekinok.com>
List-Subscribe: <http://mailman.boxedpenguin.com/mailman/listinfo/debian-kerberos>,
	<mailto:debian-kerberos-request@mekinok.com?subject=subscribe>
List-Id: Integrating Kerberos in Debian <debian-kerberos.mekinok.com>
List-Unsubscribe: <http://mailman.boxedpenguin.com/mailman/listinfo/debian-kerberos>,
	<mailto:debian-kerberos-request@mekinok.com?subject=unsubscribe>
List-Archive: <http://mailman.boxedpenguin.com/pipermail/debian-kerberos/>
Date: 11 Jan 2002 05:46:28 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===-=-="

--===-=-=


Hi.  I sent mail to ssh@packages.debian.org about tthis a while back.
I heard no response.  It is my intent to ITP ssh-krb5 as a package at
priority extra that conflicts with the existing ssh.  I will probably
store configuration files in /etc/ssh rather than /etc/ssh-krb5
because I believe that some time after woody releases we will be able
to get these changes folded into OpenSSH upstream and then hopefully
into the main Debian ssh packages.

This is a heads up for the Kerberos and Ssh community in Debian.






--===-=-=
Content-Type: message/rfc822
Content-Disposition: inline

X-Sieve: cmu-sieve 2.0
Return-Path: <debian-kerberos-admin@mekinok.com>
Received: from loggerhead.mekinok.com (localhost [127.0.0.1])
	by server0.mekinok.com (Postfix) with ESMTP
	id 07EB61EFDC; Wed, 14 Nov 2001 09:35:04 -0500 (EST)
Delivered-To: debian-kerberos@mekinok.com
Received: by server0.mekinok.com (Postfix, from userid 8042)
	id EA6C21EFDC; Wed, 14 Nov 2001 09:34:12 -0500 (EST)
From: Sam Hartman <hartmans@mekinok.com>
To: debian-kerberos@mekinok.com
Subject: Handling ssh
Message-Id: <20011114143412.EA6C21EFDC@server0.mekinok.com>
Sender: debian-kerberos-admin@mekinok.com
Errors-To: debian-kerberos-admin@mekinok.com
X-BeenThere: debian-kerberos@mekinok.com
X-Mailman-Version: 2.0.5
Precedence: bulk
List-Help: <mailto:debian-kerberos-request@mekinok.com?subject=help>
List-Post: <mailto:debian-kerberos@mekinok.com>
List-Subscribe: <http://mailman.boxedpenguin.com/mailman/listinfo/debian-kerberos>,
	<mailto:debian-kerberos-request@mekinok.com?subject=subscribe>
List-Id: Integrating Kerberos in Debian <debian-kerberos.mekinok.com>
List-Unsubscribe: <http://mailman.boxedpenguin.com/mailman/listinfo/debian-kerberos>,
	<mailto:debian-kerberos-request@mekinok.com?subject=unsubscribe>
List-Archive: <http://mailman.boxedpenguin.com/pipermail/debian-kerberos/>
Date: Wed, 14 Nov 2001 09:34:12 -0500 (EST)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii



So I suspect I'm not the only one on this list that would like
Kerberized ssh in Debian.  However ssh is somewhat of a moving target;
here are the things we probably want to support:

* The ssh.com sshv1 Kerberos5 protocol (used by MIT among others)
* The ssh Kerberos4 protocol (used by CMU and others) (Is this the
    same  as the krb4 in openssh?)
* draft-ietf-secsh-gss-keyex (standards track protocol)
* The krb5 support in sxw's patches to Openssh 2.5.2 (does anyone use
* this?
   no would be a really really convenient answer)

I propose that I talk to the ssh maintainer and get permission to ITP
an ssh-krb5 that supports the first three listed protocols.I believe
code will exist to do that fairly soon.  I'd rather do that than fold
in Kerberos support because it is so much of a moving target right now
and because it would be asking the ssh maintainer to maintain a lot of
third-party patches.


Reasonable?

_______________________________________________
Debian-kerberos mailing list
Debian-kerberos@mekinok.com
http://mailman.boxedpenguin.com/mailman/listinfo/debian-kerberos

--===-=-=--

--=-=-=--

---------------------------------------
Received: (at 128888-close) by bugs.debian.org; 19 Jan 2002 20:11:51 +0000
>From troup@pandora.debian.org Sat Jan 19 14:11:51 2002
Return-path: <troup@pandora.debian.org>
Received: from pandora.debian.org [132.229.137.249] (mail)
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 16S1qA-0004N7-00; Sat, 19 Jan 2002 14:11:51 -0600
Received: from troup by pandora.debian.org with local (Exim 3.12 1 (Debian))
	id 16S1Xy-0007X3-00; Sat, 19 Jan 2002 20:53:02 +0100
From: Sam Hartman <hartmans@debian.org>
To: 128888-close@bugs.debian.org
X-Katie: $Revision: 1.67 $
Subject: Bug#128888: fixed in openssh-krb5 3.0.2p1-1
Message-Id: <E16S1Xy-0007X3-00@pandora.debian.org>
Sender: James Troup <troup@pandora.debian.org>
Date: Sat, 19 Jan 2002 20:53:02 +0100
Delivered-To: 128888-close@bugs.debian.org

We believe that the bug you reported is fixed in the latest version of
openssh-krb5, which has been installed in the Debian FTP archive:

openssh-krb5_3.0.2p1-1.diff.gz
  to pool/non-US/main/o/openssh-krb5/openssh-krb5_3.0.2p1-1.diff.gz
openssh-krb5_3.0.2p1-1.dsc
  to pool/non-US/main/o/openssh-krb5/openssh-krb5_3.0.2p1-1.dsc
openssh-krb5_3.0.2p1.orig.tar.gz
  to pool/non-US/main/o/openssh-krb5/openssh-krb5_3.0.2p1.orig.tar.gz
ssh-krb5_3.0.2p1-1_i386.deb
  to pool/non-US/main/o/openssh-krb5/ssh-krb5_3.0.2p1-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 128888@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sam Hartman <hartmans@debian.org> (supplier of updated openssh-krb5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 14 Jan 2002 09:10:05 -0500
Source: openssh-krb5
Binary: ssh-krb5
Architecture: source i386
Version: 3.0.2p1-1
Distribution: unstable
Urgency: low
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description: 
 ssh-krb5   - Secure rlogin/rsh/rcp replacement (OpenSSH with Kerberos)
Closes: 128888
Changes: 
 openssh-krb5 (3.0.2p1-1) unstable; urgency=low
 .
   * Package supporting krb4 and krb5, Closes: #128888
   * Disable krb4 for now; there are some issues I'm working through  and
     disscussing on comp.protocols.kerbers; a new version should appear
     soon that works for krb4.  Both krb5 modes seem to work though, so it
     is worth releasing  with one known missing feature.
Files: 
 82ab186421b170c340e92bccc5b923e9 759 non-US/main extra openssh-krb5_3.0.2p1-1.dsc
 2fa62bf878862cb47a7515c35afe35b6 781092 non-US/main extra openssh-krb5_3.0.2p1.orig.tar.gz
 c3ab4b00e614eca32f73f020d3202b0a 161441 non-US/main extra openssh-krb5_3.0.2p1-1.diff.gz
 91b1ec40a90cb8649dfb28e5c9473aa9 617858 non-US/main extra ssh-krb5_3.0.2p1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjxDUYEACgkQ/I12czyGJg+NSACeJBwe1vLZ2fRoTBhXAs3rlUp/
Ov0Ani48HeVM49rk+PpEilzsHqOD6B9k
=3og5
-----END PGP SIGNATURE-----

Reply to:

References:
- Bug#128888: ITP: ssh-krb5 - A version of OpenSSH patched to support Kerberos Authentication
  - From: Sam Hartman <hartmans@debian.org>

Prev by Date: Bug#118133: marked as done (ITP: libcrypt-des-perl -- Perl DES module)
Next by Date: Bug#129586: marked as done (ITA: libgc -- Conservative garbage collector for C)
Previous by thread: Bug#128888: ITP: ssh-krb5 - A version of OpenSSH patched to support Kerberos Authentication
Next by thread: Bug#125837: marked as done (ITP: bash-completion -- Small script to use enhanced completion in bash.)
Index(es):
- Date
- Thread