> Is there a way to get the default BSD 5.3 openssh to compile > against the MIT kerberos libraries? I have set NO_KERBEROS=yes in > /etc/make.conf so > that the heimdal kerberos is not built, and rebuilt world, then installed > /usr/ports/security/krb5 and rebuilt world again. sshd is however not being > built against MIT at all. > > [root@foobar] ~ # ldd /usr/sbin/sshd > /usr/sbin/sshd: > libssh.so.2 => /usr/lib/libssh.so.2 (0x28098000) > libutil.so.4 => /lib/libutil.so.4 (0x280c7000) > libz.so.2 => /lib/libz.so.2 (0x280d3000) > libwrap.so.3 => /usr/lib/libwrap.so.3 (0x280e3000) > libpam.so.2 => /usr/lib/libpam.so.2 (0x280eb000) > libcrypto.so.3 => /lib/libcrypto.so.3 (0x280f2000) > libcrypt.so.2 => /lib/libcrypt.so.2 (0x281e7000) > libc.so.5 => /lib/libc.so.5 (0x281ff000) I'm not a buildworld guru, but I think that with NO_KERBEROS=yes, /usr/bin/sshd(8) will obviously NOT be linked with any krb library. IMHO, you should build OpenSSH from ports with the KERBEROS=yes knob. Hope this helps. Regards, -- Jeremie Le Hen jeremie@le-hen.org _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"