You are not logged in.
- Topics: Active | Unanswered
Pages: 1
Topic closed
#1 2011-06-12 13:55:51
- Xappe
- Member
- Registered: 2008-05-17
- Posts: 105
OpenSSH with GSSAPIKeyExchange patch
Hi,
I'm running simulations on a large cluster which uses heimdal authentication with the requirement of a GSSAPIKeyExchange enabled ssh client. I'm running Ubuntu at work where the shipped openssh is already patched, but Arch (which I use on my laptop) does not seem to have this patch in the openssh package by default.
What's the best way of doing this? As far as I can see, the patch is not released for the current version of openssh in Arch. Are there any problems/security issues related to downgrading the ssh version? Do you know of any pkgbuilds for this purpose?
Thanks
Xappe
vanum est vobis ante lucem surgere
Offline
#2 2012-03-16 15:49:45
- erlen
- Member
- Registered: 2012-03-16
- Posts: 2
Re: OpenSSH with GSSAPIKeyExchange patch
Up, I have the same problem.
Offline
#3 2012-03-16 20:29:21
- Leonid.I
- Member
- From: Aethyr
- Registered: 2009-03-22
- Posts: 999
Re: OpenSSH with GSSAPIKeyExchange patch
Ordinarily AL doesn't add patches which are not accepted upstream. If you guys have a relevant usecase, please open a bug report at bugs.archlinux.org. FYI, Fedora has a patch against openssh 5.9 called openssh-5.9p1-gsskex.patch.
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Offline
#4 2012-03-16 21:35:09
- erlen
- Member
- Registered: 2012-03-16
- Posts: 2
Re: OpenSSH with GSSAPIKeyExchange patch
I am new, ould you explain me how can I make the patch under arch
Offline
#5 2012-03-17 16:51:20
- Leonid.I
- Member
- From: Aethyr
- Registered: 2009-03-22
- Posts: 999
Re: OpenSSH with GSSAPIKeyExchange patch
You'll have to recompile openssh. First, download PKGBUILD and other files from http://projects.archlinux.org/svntogit/ … es/openssh. Then, get the patch from http://www.sxw.org.uk/computing/patches/openssh.html. Put something like "patch -Np1 -i $srcdir/your.patch" in build() in PKGBUILD and run makepkg which will make you the package installable with pacman -U. However, I wouldn't do this righ tnow since there is a openssl rebuild coming.
The right way is to report the issue on bugtracker/ML. I would do this myself, but I don't have access to krb5 servers with that kind of authentication.
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Offline
#6 2012-04-13 14:45:13
- cra
- Member
- From: Sweden
- Registered: 2009-09-25
- Posts: 70
Re: OpenSSH with GSSAPIKeyExchange patch
Hey, thanks for the tips. I made an AUR package for 5.7p1 version of openssh, you can try it out: https://aur.archlinux.org/packages.php?ID=58443
If you have yaourt installed you can just do it by running run
$ yaourt -S openssh-gssapikeyexchangeThou shalt not make a machine in the likeness of a human mind
Offline
#7 2015-09-22 09:10:55
- fishstamp82
- Member
- Registered: 2015-09-22
- Posts: 1
Re: OpenSSH with GSSAPIKeyExchange patch
Could this be bumped? The AUR version of the patched ssh which was at latest v6.2p2 is no longer available. Anyone still has it and could upload it?
Offline
#8 2015-09-22 10:20:55
- WorMzy
- Administrator
- From: Scotland
- Registered: 2010-06-16
- Posts: 12,609
- Website
Re: OpenSSH with GSSAPIKeyExchange patch
Could this be bumped?
We would prefer that it wasn't.
https://wiki.archlinux.org/index.php/Fo … bumping.22
Old AUR packages that weren't resubmitted to the new AUR are still available, which may be of use to you.
Closing.
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
Pages: 1
Topic closed