4.23 The GSSAPI panel
The ‘GSSAPI’ subpanel of the ‘Auth’ panel controls the use of GSSAPI authentication. This is a mechanism which delegates the authentication exchange to a library elsewhere on the client machine, which in principle can authenticate in many different ways but in practice is usually used with the Kerberos single sign-on protocol to implement passwordless login.
GSSAPI is only available in the SSH-2 protocol.
The topmost control on the GSSAPI subpanel is the checkbox labelled ‘Attempt GSSAPI authentication’. If this is disabled, GSSAPI will not be attempted at all and the rest of this panel is unused. If it is enabled, GSSAPI authentication will be attempted, and (typically) if your client machine has valid Kerberos credentials loaded, then PuTTY should be able to authenticate automatically to servers that support Kerberos logins.