I see that in /etc/ssh/ssh_config I have the above setting in both Fedora-19 and CentOS-6.4 . In both cases ssh (openssh) tries and fails to use gssapi-with-mic authentication, with the message ======================= Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available ======================= It then goes on to use publickey authentication, successfully. As far as I can see, this is because openssh has over-ridden the default # GSSAPIAuthentication no with GSSAPIAuthentication yes I've googled for this, and see that some people recommend reverting to the default No. But I assume openssh has some reason for making this change. What would I do if I actually wanted to use GSSAPIAuthentication? -- Timothy Murphy e-mail: gayleard /at/ eircom.net School of Mathematics, Trinity College, Dublin 2, Ireland