Thursday, 27 September 2007

Key Exchange for OpenSSH 4.7p1

I finally managed to make time this evening to update my GSSAPI key exchange patches to OpenSSH 4.7p1, and release them to the world. There are no functional changes with this update, just removing some code from the patch that's made it into the OpenSSH tree. I hope to be able to get some other pieces out of the patch (the GssapiTrustDNS code, in particular) before the next release.

I'd also hoped to be able to announce a public release of my cascading credentials renewal code, but a colleague has discovered some problems with the server crashing when this code is enabled. The problem only seems to occur with particular versions of the MIT GSSAPI library, but I want to find out exactly what's causing this before making a public release.