Re: [Curdle] [SSH] GSS key exchange methods

To: "Basney, Jim" <jbasney%illinois.edu@localhost>
Subject: Re: [Curdle] [SSH] GSS key exchange methods
From: Benjamin Kaduk <kaduk%MIT.EDU@localhost>
Date: Sun, 11 Sep 2016 14:42:20 -0400 (EDT)

On Sun, 11 Sep 2016, Basney, Jim wrote:

> On 9/10/16, 1:35 AM, denis bider (Bitvise) wrote:
> >Does anyone else second these suggestions?
>
> I do. Science projects like ligo.org and xsede.org rely on RFC 4462 SSH
> GSS-API Key Exchange using multiple GSS mechanisms including X.509 [1],
> SAML [2], and EAP [3]. We use patches [4] that add GSS-API Key Exchange
> support to OpenSSH, and we'd update the patches to support new GSS-API Key
> Exchange methods.

Do note that Simon is no longer actively maintaining those patchsets; I
believe the best place to send updates is a pull request to
https://github.com/gss-openssh/openssh-portable (which is itself a bit
under-loved), though I would be happy to hear that there is an alternate
home for such patches.

-Ben

> Regards,
> Jim
>
> [1] https://github.com/globus/gsi-openssh
> [2] https://github.com/fedushare/mech_saml_ec
> [3] https://wiki.moonshot.ja.net/display/Moonshot/Source+Access
> [4] http://www.sxw.org.uk/computing/patches/openssh
>
> _______________________________________________
> Curdle mailing list
> Curdle%ietf.org@localhost
> https://www.ietf.org/mailman/listinfo/curdle
>

Follow-Ups:
- Re: [Curdle] [SSH] GSS key exchange methods
  - From: Basney, Jim

References:
- Re: [Curdle] [SSH] GSS key exchange methods
  - From: Basney, Jim

Prev by Date: Re: [Curdle] [SSH] GSS key exchange methods
Next by Date: Re: [Curdle] [SSH] GSS key exchange methods
Previous by Thread: Re: [Curdle] [SSH] GSS key exchange methods
Next by Thread: Re: [Curdle] [SSH] GSS key exchange methods
Indexes:

Home | Main Index | Thread Index | Old Index