Bug 1491179 - GSSAPIStrictAcceptorCheck default change with 7.4 [rhel-7.4.z]
Summary: GSSAPIStrictAcceptorCheck default change with 7.4 [rhel-7.4.z]
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openssh
Version: 7.5
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: rc
: ---
Assignee: Jakub Jelen
QA Contact: Stefan Dordevic
URL:
Whiteboard:
Keywords: Regression, ZStream
Depends On: 1488982
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-13 09:09 UTC by Oneata Mircea Teodor
Modified: 2017-10-22 12:57 UTC (History)
9 users (show)

(edit)
With the Red Hat Enterprise Linux 7.4 release of the openssh package, the default value of the GSSAPIStrictAcceptorCheck configuration option in the OpenSSH server was changed to "No". Consequently, unexpected failure states occured in incomplete Kerberos-configured environments. With this update, the GSSAPIStrictAcceptorCheck default value has been changed back to "Yes", and the failures no longer occur in the described scenario.
Clone Of: 1488982
(edit)
Last Closed: 2017-10-19 15:00:56 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:2926 normal SHIPPED_LIVE openssh bug fix update 2017-10-19 18:46:59 UTC
Red Hat Knowledge Base (Solution) 3174651 None None None 2017-09-13 09:09 UTC

Description Oneata Mircea Teodor 2017-09-13 09:09:12 UTC
This bug has been copied from bug #1488982 and has been proposed to be backported to 7.4 z-stream (EUS).

Comment 6 errata-xmlrpc 2017-10-19 15:00:56 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2926


Note You need to log in before you can comment on or make changes to this bug.