Pending OpenSSH release: contains Kerberos/GSSAPI changes
Steven Michaud
smichaud at pobox.com
Fri Jan 23 04:35:54 EST 2004
> There is no transition strategy in the OpenSSH code, nor do I think
> there should be one.
Why not?
On Thu Jan 22 16:03:15 MST 2004, Simon Wilkinson wrote:
> On Thu, 22 Jan 2004, Douglas E. Engert wrote:
>
>> We are using using Simon's current mods with the "gssapi" method.
>> The new code implements the "gssapi-with-mic". I don't see a transition
>> stratagy to get from using "gssapi" to get to using "gssapi-with-mic",
>> other then to update all clients and servers at the same time.
>> (The SecurtCRT for Windows, does appear to work with either.)
>
> There is no transition strategy in the OpenSSH code, nor do I think there
> should be one.
>
> I will probably provide _for this release only_ patches which allow sites
> to enable 'gssapi' authentication for backwards compatibility. Those sites
> will generally have been using my patches anyway, so I don't see any
> problem with this existing outside the main code base.
>
> Cheers,
>
> Simon.
More information about the openssh-unix-dev
mailing list