Sudden change in ssh behavior.
Berna Massingill
bmassing at cs.trinity.edu
Tue Nov 22 17:53:17 UTC 2005
On Tue, Nov 22, 2005 at 11:25:51AM -0600, J. K. Cliburn wrote:
>> On 11/22/05, akonstam at trinity.edu <akonstam at trinity.edu> wrote:
>> > Suddenly ssh-ing to any of our machines causes the following error.
>> > /etc/ssh/ssh_config line 40: Unsupported option "GSSAPIAuthentication"
>> > Anyone know what that means?
>>
>> For some reason, GSSAPIAuthentication is set to "yes" in the default
>> ssh_config file distributed with FC4. This causes the client to issue
>> a DNS query looking for _kerberos.<FQDN> every time you execute the
>> ssh command. I found this one evening when my ISP service was dead,
>> but I still wanted to ssh into another machine on my home network.
>> There was a mysterious delay in the login that was revealed when I ran
>> a packet capture on the client. The delay was due to the absence of a
>> DNS server for the _kerberos.<FQDN> lookup (because my ISP was dead).
>> I set GSSAPIAuthentication to "no" and the delay disappeared. Unless
>> you're actually using GSSAPI authentication, you should be able to
>> safely set the flag to "no" in your /etc/ssh_config file.
>>
>> This still doesn't explain why you suddenly started getting the error, though.
>>
Nor does it explain why I (another user of the same machines -- as you
might guess from e-mail addresses) don't seem to be having this problem.
-- blm
More information about the users
mailing list