I put 7.2p2 into OmniOS (an illumos distro... you don't call out illumos yet, so I put it with Solaris for now... you need to fix that) yesterday. A GSSAPI user has reported that their GSSAPI authentication breaks now. Apparently I'm not the only one seeing it: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817870 I've yet to confirm/deny if a 7.2 client works with a 7.2 server. One possibly relevant client-side-only pastebin: http://fpaste.org/340879/81335561/
I build with these patches: https://github.com/omniti-labs/omnios-build/tree/master/build/openssh/patches (And the commit message is a bit wrong - they are updated for 7.2p2.)
I build with these patches: https://github.com/omniti-labs/omnios-build/tree/master/build/openssh/patches (And the commit message is a bit wrong - they are updated for 7.2p2.) >>> I've yet to confirm/deny if a 7.2 client works with a 7.2 server. Confirmed that a 7.2 client works with a 7.2 server. So perhaps it's a dropped algorithm?
Pastebin with successful 7.2 client to 7.2 server session: http://fpaste.org/340917/13698814/
This: debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g== Isn't OpenSSH. It's a 3rd-party patch that we didn't write and don't maintain. You'll have to look to whoever wrote that patch for support.
(In reply to Damien Miller from comment #4) > This: > > debug1: Offering GSSAPI proposal: > gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1- > toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g== > > Isn't OpenSSH. It's a 3rd-party patch that we didn't write and don't > maintain. You'll have to look to whoever wrote that patch for > support. Thank you for the clarification, and sorry for the disturbance.
Close all resolved bugs after 7.3p1 release