don't clean up gssapi credentials by default (#1055016)

This commit is contained in:
Petr Lautrbach 2014-02-26 17:08:07 +01:00
parent f9f83a00b5
commit f3b39bb6cb
3 changed files with 3 additions and 3 deletions

View File

@ -15,7 +15,7 @@ diff -up openssh-6.1p1/sshd.c.log-usepam-no openssh-6.1p1/sshd.c
diff -up openssh-6.1p1/sshd_config.log-usepam-no openssh-6.1p1/sshd_config
--- openssh-6.1p1/sshd_config.log-usepam-no 2012-09-14 20:54:58.514255748 +0200
+++ openssh-6.1p1/sshd_config 2012-09-14 20:54:58.551255954 +0200
@@ -95,6 +95,8 @@ GSSAPICleanupCredentials yes
@@ -95,6 +95,8 @@ GSSAPICleanupCredentials no
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.

View File

@ -2892,7 +2892,7 @@ diff -up openssh-6.3p1/sshd_config.gsskex openssh-6.3p1/sshd_config
@@ -92,6 +92,8 @@ ChallengeResponseAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
GSSAPICleanupCredentials no
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no

View File

@ -96,7 +96,7 @@ diff -up openssh-6.3p1/sshd_config.redhat openssh-6.3p1/sshd_config
#GSSAPIAuthentication no
+GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
+GSSAPICleanupCredentials yes
+GSSAPICleanupCredentials no
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will