IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [Curdle] [SSH] GSS key exchange methods



On 9/11/16, 1:42 PM, Benjamin Kaduk wrote:
>On Sun, 11 Sep 2016, Basney, Jim wrote:
>
>> On 9/10/16, 1:35 AM, denis bider (Bitvise) wrote:
>> >Does anyone else second these suggestions?
>>
>> I do. Science projects like ligo.org and xsede.org rely on RFC 4462 SSH
>> GSS-API Key Exchange using multiple GSS mechanisms including X.509 [1],
>> SAML [2], and EAP [3]. We use patches [4] that add GSS-API Key Exchange
>> support to OpenSSH, and we'd update the patches to support new GSS-API
>>Key Exchange methods.
>
>Do note that Simon is no longer actively maintaining those patchsets; I
>believe the best place to send updates is a pull request to
>https://github.com/gss-openssh/openssh-portable (which is itself a bit
>under-loved), though I would be happy to hear that there is an alternate
>home for such patches.

Yes, I have previously submitted a pull request to that repo.
Our offer to assist with maintaining that repo still stands.
Our current, actively-maintained sources reside at [1].

Thanks,
Jim

>> [1] https://github.com/globus/gsi-openssh
>> [2] https://github.com/fedushare/mech_saml_ec
>> [3] https://wiki.moonshot.ja.net/display/Moonshot/Source+Access
>> [4] http://www.sxw.org.uk/computing/patches/openssh




Home | Main Index | Thread Index | Old Index