[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#765655: openssh: please clarify documentations for GSSAPI's cascading credential feature



Oh, and I've just seen that there is also an issue with the quotation
marks: 
     GSSAPITrustDns
             Set to “yes to indicate that the DNS is trusted to securely canonicalize” the
             name of the host being connected to. If “no, the hostname entered on the”
             command line will be passed untouched to the GSSAPI library.  The default is
             “no”.  This option only applies to protocol version 2 connections using GSS‐
             API.
which is corrected by a 2nd patch attached to this mail.


Colin, you possibly further please clarify, which of the options added
by gssapi.patch, actually require GSSAPI key exchange?


Thanks,
Chris.
diff -u a/ssh_config.5 b/ssh_config.5
--- a/ssh_config.5	2014-10-17 04:20:20.000000000 +0200
+++ b/ssh_config.5	2014-10-17 04:21:55.909882995 +0200
@@ -752,9 +752,11 @@
 .Dq no .
 .It Cm GSSAPITrustDns
 Set to 
-.Dq yes to indicate that the DNS is trusted to securely canonicalize
+.Dq yes
+to indicate that the DNS is trusted to securely canonicalize
 the name of the host being connected to. If 
-.Dq no, the hostname entered on the
+.Dq no ,
+the hostname entered on the
 command line will be passed untouched to the GSSAPI library.
 The default is
 .Dq no .

Attachment: smime.p7s
Description: S/MIME cryptographic signature


Reply to: