Kerberos and OpenSSH - Was:Kerberos password auth/expiry kbdint patch

James F.Hranicky jfh at
Fri May 16 05:13:05 EST 2003

On Thu, 15 May 2003 10:44:33 -0700 (PDT)
Booker Bense <bbense at SLAC.Stanford.EDU> wrote:

> - No one is arguing that the krb5 API is should be used.
> THAT'S WHY THE GSSAPI standard was created, if you listen to
> anybody involved in the kerberos world they will tell you that
> applications should be using GSSAPI not the krb5 API's. We
> already know they are broken, that's why we're telling you
> not to use them.

Do you have any links on the superiority of GSSAPI over native Krb5? A
half-hearted google search didn't turn up anything obvious (to me :->).


| Jim Hranicky, Senior SysAdmin                   UF/CISE Department |
| E314D CSE Building                            Phone (352) 392-1499 |
| jfh at             |
                          About politics:
                     Don't worry about results
                   It's the thought that counts

More information about the openssh-unix-dev mailing list