On Mon, 7 Mar 2011, Nico Kadel-Garcia wrote: > Have you backported OpenSSH 5.x to CentOS 5? Because I don't see the > full features set without OpenSSH 5.x, such as "GSSApiKeyExchange". Nope, I like the simple life. > Hmm. What you've described is an ssh_config option, which is set to > "no" by default. I'll have to look into that. There have been some > interesting..... traction issues with using the backported OpenSSH 5.x > I'm currently reliant on for CentOS 5 and RHEL 5. I'm stock 5.5: openssh-server-4.3p2-41.el5_5.1 openssh-4.3p2-41.el5_5.1 openssh-clients-4.3p2-41.el5_5.1 Server needs: GSSAPIAuthentication yes GSSAPICleanupCredentials yes Most probably you also want: AllowGroups blah Client needs: GSSAPIAuthentication yes If you want key forwarding, you also need: GSSAPIDelegateCredentials yes Works like a charm, and GSSAPI auth works with putty, delegation doesn't seem to. jh