On 1024934044 seconds since the Beginning of the UNIX epoch
Jason R Thorpe wrote:
>

>One of the most annoying things about GSSAPI for SSHv2 is the occasional
>rekeying that the SSHv2 transport does.  What happens is that the user's
>ticket eventually expires during the login session, a rekey is attempted,
>and the session is killed because the rekey failed due to expired ticket.
>Now, while this may be strictly correct ("of course the session should
>die once the ticket expires!"), it is different from every other login
>mechanism that uses Kerberos that I am aware of.

This seems a little broken, definitely.  I'd personally prefer to
see a compromise which would be to alert the user to the fact that
their tickets are expired and keep the connection alive waiting
for the user to obtain a new ticket.  (At least optionally.)

>Also, as far as I am aware (caveat: I haven't had much time to keep up
>with the ietf-secsh mailing list), there aren't any Kerberized methods
>for doing the host authentication in SSH (v1 or v2).  Because of this,
>you still have a key distribution problem for the host keys.

Doesn't krb5 do mutual auth already?  Why bother with host keys at
all?

 == Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/  ==
 == The Unofficial NetBSD Web Pages        http://www.Imrryr.ORG/NetBSD/  ==
 == The NetBSD Project                            http://www.NetBSD.ORG/  ==