Download: Stable · Snapshot | Docs | Changes | Wishlist
Implement GSSAPI key exchange as an alternative to GSSAPI user authentication.
The documentation describes the advantages of using GSSAPI key exchange.
This initial implementation supports only Kerberos V5, and only the cryptographic algorithms specified in RFC 4462; it does not implement any of the methods specified in draft-ietf-curdle-gss-keyex-sha2 (not yet published as an RFC at time of writing).
All of the RFC 4462 methods use the SHA-1 hash, which is looking
wobbly these days. As well as group exchange, RFC 4462 specifies (and
we support) fixed groups, including Diffie-Hellman "group 1", which
we're not keen on (see deprecate-dh-group1). There's no way
currently to disable some methods selectively, but the whole feature
can be disabled with the setting "Attempt GSSAPI key exchange".
[Update: see gss-key-exchange-more-algs for how this is addressed in newer versions.]