( GSSAPI authenticated

Info Catalog ( Password authenticated ( Remote repositories ( Kerberos authenticated
 2.9.5 Direct connection with GSSAPI
 GSSAPI is a generic interface to network security systems such as
 Kerberos 5.  If you have a working GSSAPI library, you can have CVS
 connect via a direct TCP connection, authenticating with GSSAPI.
    To do this, CVS needs to be compiled with GSSAPI support; when
 configuring CVS it tries to detect whether GSSAPI libraries using
 Kerberos version 5 are present.  You can also use the `--with-gssapi'
 flag to configure.
    The connection is authenticated using GSSAPI, but the message stream
 is _not_ authenticated by default.  You must use the `-a' global option
 to request stream authentication.
    The data transmitted is _not_ encrypted by default.  Encryption
 support must be compiled into both the client and the server; use the
 `--enable-encrypt' configure option to turn it on.  You must then use
 the `-x' global option to request encryption.
    GSSAPI connections are handled on the server side by the same server
 which handles the password authentication server; see  Password
 authentication server.  If you are using a GSSAPI mechanism such as
 Kerberos which provides for strong authentication, you will probably
 want to disable the ability to authenticate via cleartext passwords.
 To do so, create an empty `CVSROOT/passwd' password file, and set
 `SystemAuth=no' in the config file ( config).
    The GSSAPI server uses a principal name of cvs/HOSTNAME, where
 HOSTNAME is the canonical name of the server host.  You will have to
 set this up as required by your GSSAPI mechanism.
    To connect using GSSAPI, use the `:gserver:' method.  For example,
      cvs -d checkout foo
Info Catalog ( Password authenticated ( Remote repositories ( Kerberos authenticated
automatically generated byinfo2html