projects / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add support for mechanisms with no integrity
[openssh.git] / sshd_config.5
diff --git a/sshd_config.5 b/sshd_config.5
index 449afb3..01a949a 100644 (file)
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -435,6 +435,16 @@ on logout.
 The default is
 .Dq yes .
 Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIRequireMIC
+Specifies whether to permit authentication using GSS-API mechanisms
+and/or contexts that do not support per-message integrity protection.
+If
+.Dq yes
+then the server will fail an otherwise valid gssapi-with-mic authentication
+if per-message integrity protection is not supported.
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
 .It Cm GSSAPIStrictAcceptorCheck
 Determines whether to be strict about the identity of the GSSAPI acceptor 
 a client authenticates against. If
Unnamed repository; edit this file 'description' to name the repository.