[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Pending OpenSSH release: contains Kerberos/GSSAPI changes



I'd prefer client MAY mutual auth rather than client SHOULD NOT mutual
auth.

If the server does not implement gss-keyex then a sufficiently clever
client can get some of the benefits of gss-keyex in some situations by
requesting mutual.