>So I read (a chunk of) the thread, and I've gotta say, I'm not
>convinced.  Sure, doing krb5 in ssh2 the right way (via gssapi) involves
>more code.  This is not in of itself a strike against it.  If anything,
>the code Roland linked, which is apparently in daily use, may be a
>better bet than code done locally to the OpenSSH group, whose leadership
>have said repeatedly that they don't use kerberos, and thus are not
>willing to make any large effort in the direction of supporting it.

	krb5-with-ssh2 method (which was committed yesterday) was designed
	by ssh.com people, not openssh people.  you are blaming wrong guys
	for no good reaason.

itojun