https://bugzilla.mindrot.org/show_bug.cgi?id=2309
Christoph Anton Mitterer <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Christoph Anton Mitterer <[email protected]> --- Rethinking that again (which I probably should have done more carefully before) I'll close this as invalid: Both gssapi-with-mic (and gssapi-keyex) and hostbased won't query the user. - If a kerberos ticket is there, it will be used if gasapi-with-mic comes first and one doesn't need to interact. - If no kerberos ticket is there, gssapi-with-mic auth will fail (respectively not tried at all) and ssh will try hostbased auth. Thus no interaction either. And then I think it's better to prefer the gssapi-* methods over anything else, because if forwarding of credentials is enabled then the user probably wants this, which wouldn't happen if hostbased kicks in before. Sorry for the noise O:-) -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
