Description of problem: OpenSSH in RHEL4 calls krb5_init_ets(). That function is no longer part of the public API and hasn't been for many many years. In Kerberos v1.3 shipped with RHEL4 the function just returns true without doing anything. The OpenSSH in RHEL4 is still calling the function anyway. In Kerberos v1.4 the function was removed entirely. The soname wasn't changed as krb5_init_ets() isn't part of the public API. Security policy in our environment dictates that must use Kerberos v1.4 on RHEL4. Since OpenSSH sshd is calling that function it crashes. It would be very helpful if the next errata release of OpenSSH for RHEL4 didn't call krb5_init_ets().
Please use the Support Issue tracker to report such feature requests for Red Hat Enterprise Linux. When you report it, mention this bugzilla bug number.
We have purchased RHEL4 ES. I don't believe the support issue tracker is available to us.
With Standard Edition subscription type you should have access to it (probably not with the Basic Edition). I'm sorry but we don't support installing newer MIT Kerberos on existing RHEL releases. Removing the function call would be probably trivial however all updates done in RHEL must be properly requested, justified and tested by QE. If you are installing a different/unsupported krb5 packages anyway it shouldn't be a too big difference for you if you patched the openssh packages as well.