Bug #866

Nico Williams nico at cryptonector.com
Thu Aug 1 03:38:00 EST 2013

On Tue, Jul 30, 2013 at 7:54 PM, Damien Miller <djm at mindrot.org> wrote:
> Why now? The proliferation of vendor packages that patch in things like
> GSSAPI-KEX and have default configurations that enable them explicitly.
> It makes it quite difficult to use custom-compiled packages of OpenSSH
> on these systems.

OK, thanks.  Good to know.

> For the record, I think turning on the attack surface of GSSAPI by
> default is a Very Bad Decision all by itself.


More information about the openssh-unix-dev mailing list