[Bug 1095757] Re: krb5 packages should be updated to v. >=1.10.2 to workaround bug with gssapi kerberos authentication
Tom Yu
tlyu at mit.edu
Fri Jan 4 15:53:39 UTC 2013
There is some additional information and history in launchpad bug
571572, which this bug report might be considered a duplicate of.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1095757
Title:
krb5 packages should be updated to v. >=1.10.2 to workaround bug with
gssapi kerberos authentication
Status in “krb5” package in Ubuntu:
New
Bug description:
There is a bug within eglibc [1] and [2] which breaks kerberos
authentication functionality for ssh-servers behind NAT gateways as
glibc does a rDNS cannonicalization of hostnames even if you specify
"rdns=false" in krb5.conf.
There is a workaround implemented in MIT krb5 v. 1.10.2. [3].
The current maintenance release is 1.10.3.
As the bug is still not fixed in eglibc, krb5 should be updated to at
least 1.10.3 to fix this issue.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=714823
[2] https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1057526
[3] http://krbdev.mit.edu/rt/Ticket/Display.html?id=7124
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1095757/+subscriptions
More information about the foundations-bugs
mailing list