GSSAPI Authentication is typically used with Kerberos. Kerberos must be configured on both the server and client. If you are not using Kerberos, then you probably do not need it. If you are just using password or SSH keys to log in to your server you likely do not need GSSAPI, and you can disable it in the sshd_config file.

Set in the /etc/ssh/sshd_config

GSSAPIAthentication no

As for the “with-mic” part, there are two authentication methods for GSSAPI; with-mic and -keyex. The MIC stands for message integrity code. And from what I gather from reading the RFC-4462 it is generated by the client using many of the agreed upon connection parameters and is hashed several times. Read more at https://tools.ietf.org/html/rfc4462.html

Leave a Reply

Your email address will not be published. Required fields are marked *