[Discuss] GSS KEX broken since (GSI-)OpenSSH 8.0p1
Frank Scheiner
scheiner at hlrs.de
Tue Feb 9 17:48:18 CET 2021
Dear community,
this concerns all users of GSI-OpenSSH:
During (re-)integration of the HPN patches in more recent GSI-OpenSSH
versions and testing the resulting binaries I detected that the GSS key
exchange (KEX) - and therefore GSI authentication - is broken since
(GSI-)OpenSSH 8.0p1 with the exception of the SHA1 based GSS group
exchange (GEX).
I created an issue about that in the GitHub repo of the maintainer(s) of
the GSS KEX patches for OpenSSH:
https://github.com/openssh-gsskex/openssh-gsskex/issues/18
Until now I wasn't able to find the exact error and so far this was not
taken up by the maintainers of the GSS KEX patches for OpenSSH (used by
both Fedora and Debian). So I'd be happy for any support or "publicity".
E.g. if you consider that as important as I do, comment on the above
referenced issue appropriately.
Please find more details in the above mentioned issue.
Best regards,
Frank Scheiner
--
Frank Scheiner
High Performance Computing Center Stuttgart (HLRS)
Department Project User Management & Accounting
Email: scheiner at hlrs.de
Phone: +49 711 685 68039
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2837 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.egi.eu/pipermail/discuss/attachments/20210209/bb51a61f/attachment.p7s>
More information about the discuss
mailing list