Pending OpenSSH release: contains Kerberos/GSSAPI changes

Sam Hartman hartmans at MIT.EDU
Sat Jan 31 12:12:53 EST 2004


I'd prefer client MAY mutual auth rather than client SHOULD NOT mutual
auth.

If the server does not implement gss-keyex then a sufficiently clever
client can get some of the benefits of gss-keyex in some situations by
requesting mutual.



More information about the Kerberos mailing list