Pending OpenSSH release: contains Kerberos/GSSAPI changes
sxw at inf.ed.ac.uk
sxw at inf.ed.ac.uk
Fri Jan 23 03:03:15 EST 2004
On Thu, 22 Jan 2004, Douglas E. Engert wrote:
> We are using using Simon's current mods with the "gssapi" method.
> The new code implements the "gssapi-with-mic". I don't see a transition
> stratagy to get from using "gssapi" to get to using "gssapi-with-mic",
> other then to update all clients and servers at the same time.
> (The SecurtCRT for Windows, does appear to work with either.)
There is no transition strategy in the OpenSSH code, nor do I think there
should be one.
I will probably provide _for this release only_ patches which allow sites
to enable 'gssapi' authentication for backwards compatibility. Those sites
will generally have been using my patches anyway, so I don't see any
problem with this existing outside the main code base.
Cheers,
Simon.
More information about the openssh-unix-dev
mailing list