Something to remain aware of for the next Debian release:
openssh (1:9.8p1-5) unstable; urgency=medium
* Add openssh-client-gssapi and openssh-server-gssapi packages; these
currently just depend on their non-gssapi counterparts, but will become
different in future. See
https://lists.debian.org/debian-devel/2024/04/msg00044.html.
The package description:
This package provides versions of the ssh client and related programs
built with support for GSS-API authentication and key exchange, which
can be used with systems such as Kerberos.
It is currently an empty package depending on openssh-client, but
future releases will remove GSS-API support from openssh-client, so
users who need it should install this package.
Basically, support for GSS variants will become optional and get packaged separately. This will affect the suggested configurations in the hardening guide for Debian 13.
Something to remain aware of for the next Debian release:
The package description:
Basically, support for GSS variants will become optional and get packaged separately. This will affect the suggested configurations in the hardening guide for Debian 13.