Use the GSSAPI tab of the Secure Shell Settings dialog box to specify settings for GSSAPI authentication. Items on this tab are available only if GSSAPI/Kerberos is selected in the User Authentication list on the General tab.
The options are:
SSPI |
Use the Microsoft Security Services Provider Interface (SSPI), which lets you use your Windows domain login credentials to authenticate to the Secure Shell server. This setting simplifies setup, as there is no need to configure the Reflection Kerberos client. |
Reflection Kerberos |
Use the Reflection Kerberos client for Kerberos/GSSAPI authentication. Before you can make connections using the Reflection Kerberos client, you must configure Reflection Kerberos on your computer. |
Configure |
Configures the Reflection Kerberos client. This button is available only when Reflection Kerberos is the selected GSSAPI provider. |
Delegate credentials |
Specifies whether GSSAPI forwards your Kerberos ticket granting ticket (TGT) to the host. |
Use default service principal name |
Specifies the name used to send a request for a service ticket to the Kerberos Key Distribution Center (KDC). The host name value is the name of the Secure Shell server to which you are connecting. The realm value depends on which GSSAPI provider you have selected. |
Service principal |
Specifies a non-default service principal value. |