On Mon, Sep 02, 2013 at 11:59:34PM -0700, Erich Beyer wrote: > I am running current. For a few snapshots, sshd has been putting errors in > my authlog: > > Sep 2 23:33:56 openbsd sshd[22922]: Server listening on 0.0.0.0 port 22. > Sep 2 23:33:56 openbsd sshd[22922]: Server listening on :: port 22. > Sep 2 23:34:01 openbsd sshd[28174]: rexec line 76: Unsupported option > KerberosAuthentication > Sep 2 23:34:01 openbsd sshd[28174]: rexec line 82: Unsupported option > GSSAPIAuthentication > Sep 2 23:34:01 openbsd sshd[28174]: reprocess config line 76: Unsupported > option KerberosAuthentication > Sep 2 23:34:01 openbsd sshd[28174]: reprocess config line 82: Unsupported > option GSSAPIAuthentication > Sep 2 23:34:09 openbsd sshd[28174]: Accepted password for badboybeyer from > 10.12.12.24 port 2162 ssh2 > > Commenting the corresponding lines in sshd_config removes the errors: > > KerberosAuthentication yes > GSSAPIAuthentication yes > > These lines are the only diff from etc54.tgz. Why are these authentication > methods not throwing error messages? What did I overlook?
It's possible it wasn't discussed too much in public fora, but start with http://marc.info/?l=openbsd-cvs&m=137161966011552&w=2 and read the various followups as well as several notes in http://www.openbsd.org/faq/current.html. My favorite here is http://marc.info/?l=openbsd-cvs&m=137162163212109&w=2 - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

