
Re: Using an alternate principal for ssh

https://www.novabbs.com/devel/article-flat.php?id=277&group=comp.protocols.kerberos#277
From: jhu...@cmu.edu (Jeffrey Hutzelman)
Newsgroups: comp.protocols.kerberos
Subject: Re: Using an alternate principal for ssh
Date: Tue, 31 May 2022 15:43:41 -0400
Organization: TNet Consulting
Lines: 33
Message-ID: <mailman.78.1654026268.8148.kerberos@mit.edu>
References: <622B5998-57E0-450C-88C4-96FA04220AB8@prime.gushi.org>
<410be09d-0680-96f9-ef59-599c0a9996e3@mit.edu>
<CALF+FNx1A+rwTEntG7bza1eLZcizk5WpfLQ0QsP8BZH-6zr1pA@mail.gmail.com>
<e2ac1b0e-c77a-2771-bf9c-a5c3195a3f5e@taltos.org>
<CALF+FNxUWnJeBQSCObytkC2brk8cD1op48hm8QHHC8-djN4Z=Q@mail.gmail.com>

On Tue, May 31, 2022 at 3:36 PM Carson Gaspar <carson@taltos.org> wrote:

> On 5/31/2022 12:16 PM, Jeffrey Hutzelman wrote:
> > That code should not actually be used on a properly-configured PAM-based
> > system. Typical configuration for such systems should enable UsePAM and
> > KbdInteractiveAuthentication and disable PasswordAuthentication and
> > ChallengeResponseAuthentication. This causes all password verification to
> > go through PAM. Then all you need is a PAM module that can be configured to
> > behave as you desire. I believe Russ Allbery's pam_krb5 has all the knobs
> > you need.
>
> I agree about the sshd config options, but looking at the source code
> for Russ's pam_krb5, I don't think it will work as-is without changing
> the username provided by the client (see my previous post).
>

It will. You want something like
alt_auth_map=%s/ssh@REALM
only_alt_auth=true

> > For true Kerberos authentication (i.e. using Kerberos tickets, not a
> > password), you can control which principals are allowed to log in as a user
> > by means of the user's .k5login file.
>
> Please, no - set up a localname mapping instead of trying to manage a
> bajilion k5login files.

Yeah, a mapping is probably better for this application.
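The exchange above names two things an administrator would want to verify before relying on the pam_krb5 route: that sshd really hands every password to PAM (UsePAM and KbdInteractiveAuthentication on, PasswordAuthentication and ChallengeResponseAuthentication off), and that the alt_auth_map template turns a login name into the intended "user/ssh@REALM" principal. The script below is an added example written for this page; it is not code from the thread, from OpenSSH or from pam_krb5. It assumes a simplified sshd_config model (first occurrence of a keyword wins, keywords are case-insensitive, Match blocks are ignored), applies the documented OpenSSH defaults for the four keywords when they are absent, and treats EXAMPLE.COM and the two sshd_config snippets as constructed sample input.

```python
"""Audit an sshd_config for the "all passwords go through PAM" layout
described in the thread, and expand a pam_krb5 alt_auth_map template.

Added example, not code from the thread, OpenSSH or pam_krb5.
Assumptions: sshd_config semantics are reduced to "first occurrence of a
keyword wins, keywords are case-insensitive, stop at the first Match
block"; alt_auth_map expansion handles only the %s placeholder used in
the post; EXAMPLE.COM and the sample configs below are constructed.
"""

import re

# Settings the post recommends so that every password check is delegated to PAM.
EXPECTED = {
    "usepam": "yes",
    "kbdinteractiveauthentication": "yes",
    "passwordauthentication": "no",
    "challengeresponseauthentication": "no",
}

# OpenSSH defaults applied when a keyword is absent from the file.
# (ChallengeResponseAuthentication is an alias of KbdInteractiveAuthentication
# in recent OpenSSH releases; it is tracked separately here because the post
# names it separately.)
DEFAULTS = {
    "usepam": "no",
    "kbdinteractiveauthentication": "yes",
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
}


def parse_sshd_config(text):
    """Return {keyword_lowercase: first_value} for the global section only."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # sshd accepts both "Keyword value" and "Keyword=value".
        m = re.match(r"(\w+)\s*=?\s*(.*)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break  # assumption: per-user/host overrides are not audited
        settings.setdefault(key, value)  # first occurrence wins
    return settings


def audit(settings):
    """Return a list of (keyword, effective_value, expected_value) mismatches."""
    findings = []
    for key, want in EXPECTED.items():
        have = settings.get(key, DEFAULTS[key]).lower()
        if have != want:
            findings.append((key, have, want))
    return findings


def expand_alt_auth_map(template, username):
    """Expand a pam_krb5 alt_auth_map template such as "%s/ssh@REALM".

    Only the %s placeholder (replaced by the login name) is handled here.
    Login names that could smuggle a '/' or '@' into the principal are
    rejected so the mapping cannot be steered to another instance or realm.
    """
    if "%s" not in template:
        raise ValueError("template has no %s placeholder")
    if not re.fullmatch(r"[a-z_][a-z0-9_-]*", username):
        raise ValueError(f"unexpected characters in login name: {username!r}")
    return template.replace("%s", username)


# Constructed sample sshd_config snippets.
WEAK_CONFIG = """
# PasswordAuthentication left on, so sshd still verifies passwords itself
UsePAM yes
PasswordAuthentication yes
"""

HARDENED_CONFIG = """
UsePAM yes
KbdInteractiveAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
Match User backup
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(parse_sshd_config(cfg)) or "OK")
    print(expand_alt_auth_map("%s/ssh@EXAMPLE.COM", "alice"))
```

Run it as-is and the weak snippet reports two mismatches (PasswordAuthentication on, ChallengeResponseAuthentication left at its default), while the hardened snippet passes and "alice" maps to alice/ssh@EXAMPLE.COM. For the ticket-based path Carson prefers over per-user .k5login files, the equivalent server-side control in MIT Kerberos is an auth_to_local rule set in krb5.conf, which maps principals to local names centrally.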
