Sudden change in ssh behavior.
J. K. Cliburn
jcliburn at gmail.com
Tue Nov 22 17:25:51 UTC 2005
On 11/22/05, akonstam at trinity.edu <akonstam at trinity.edu> wrote:
> Suddenly ssh-ing to any of our machines causes the following error.
> /etc/ssh/ssh_config line 40: Unsupported option "GSSAPIAuthentication"
> Anyone know what that means?
For some reason, GSSAPIAuthentication is set to "yes" in the default
ssh_config file distributed with FC4. This causes the client to issue
a DNS query looking for _kerberos.<FQDN> every time you execute the
ssh command. I found this one evening when my ISP service was dead,
but I still wanted to ssh into another machine on my home network.
There was a mysterious delay in the login that was revealed when I ran
a packet capture on the client. The delay was due to the absence of a
DNS server for the _kerberos.<FQDN> lookup (because my ISP was dead).
I set GSSAPIAuthentication to "no" and the delay disappeared. Unless
you're actually using GSSAPI authentication, you should be able to
safely set the flag to "no" in your /etc/ssh_config file.
This still doesn't explain why you suddenly started getting the error, though.
More information about the fedora-list
mailing list