[XCI-358] gsissh should do STRICT_RFC2818 host verification by default Created: 03/19/2018 Updated: 08/07/2018
|Project:||XSEDE Cyberinfrastructure Integration|
|Component/s:||Globus Toolkit GSISSH Client/Server|
|Reporter:||Jim Basney||Assignee:||Jim Basney|
|Public activity link:||https://software.xsede.org/display/xci-358|
CAN-04: Interactive Login
|Track status in meeting:||no|
Globus Toolkit was supposed to transition to STRICT_RFC2818 mode in 2016:
It appears to not have happened for GSI-OpenSSH. Specifically, GSSAPITrustDNS is defaulting to yes rather than no.
There are comments for XCI-358 that can be viewed with XSEDE authentication.