Re: GSSAPI Key Exchange Patch
On Thu, 15 Nov 2007, [email]firstname.lastname@example.org[/email] wrote:
> Will Simon Wilkinson's GSSAPI Key Exchange patch ever be incorporated into
> the OpenSSH source?[/color]
As far as I know, none of the current core OpenSSH developers are in
favour of adding it.
> I'm sure I'm not the only one that uses it and would like to see it become
> part of the OpenSSH source. Is there something missing or is there some
> technical/philosophical reason for not including it?[/color]
Yes - we are very scared of adding features that lead to more
pre-authentication attack surface, especially when they delegate to
complex libraries with patchy security histories.
openssh-unix-dev mailing list