
I know it is possible to integrate Linux/SSH logins with a Windows AD by using GSSAPI (Kerberos) authentication instead of the classic ssh keys and/or passwords.

However, I have been unable to find much information about the security of this solution.

Perhaps someone could assist by explaining the security model and any inherent weaknesses?

Edit: Let me clarify that I am looking specifically at implementing GSSAPIAuthentication in openssh.

Niels2000

1 Answer


This is a really broad question and not exact. There are two ways to use GSSAPI for SSH logins:

  • GSSAPI Key Exchange - not implemented in openssh, but distributed as a patch (part of RHEL, Fedora and Debian)
  • GSSAPIAuthentication - part of openssh

GSSAPI Key Exchange

The plus is certainly the manageability - with GSSAPI key exchange you don't have to even care about host keys. Just register the host to domain.

For key exchange, basically these methods are used. The first is considered possibly vulnerable, because it uses 1024-bit primes. They are based on the respective DH key exchange methods.

  • gss-group1-sha1-*
  • gss-group14-sha1-*
  • gss-gex-sha1-*

Update in 2022: Since I wrote this answer, we worked on modernizing the gssapi key exchange specification in RFC8732, so nowadays the following modern key exchange methods are implemented and supported in Fedora, RHEL as well as Debian:

  • gss-nistp256-sha256-*
  • gss-nistp384-sha384-*
  • gss-nistp521-sha512-*
  • gss-curve25519-sha256-*
  • gss-curve448-sha512-*

The original key exchanges are not recommended to be used anymore.

GSSAPI Authentication

About GSSAPI Authentication: you use normal SSH key exchange methods (ECDH preferably), whose host keys have to be managed some other way (certificates?) to mitigate MitM. Then you authenticate to the remote host using Kerberos. This communication is already encrypted, so there is no different security question than authenticating to any other Kerberos service or using any other authentication method in SSH that does not transfer secrets (public key authentication, not passwords).

Jakuje
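As an added example (not part of the answer above, and not code from the OpenSSH project), the following POSIX shell script audits an sshd_config for the two settings the answer discusses: that GSSAPIAuthentication is on, and that none of the deprecated gss-group1/gss-group14/gss-gex SHA-1 key exchange methods remain enabled when the patched builds' GSSAPI key exchange is in use. Assumptions: the GSSAPIKeyExchange directive and the gss-* KexAlgorithms names come from the patched Fedora/RHEL/Debian OpenSSH, not upstream; the suffix after each gss-* method name is assumed to be the base64-encoded hash of the Kerberos mechanism OID as defined by the GSSAPI kex RFCs; both config fragments are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed sshd_config fragment: GSSAPI kex enabled, but a SHA-1/group14
# method is still in the list next to a modern one.
SAMPLE_CONFIG=$(cat <<'EOF'
# constructed sshd_config (weak)
GSSAPIAuthentication yes
GSSAPIKeyExchange yes
GSSAPICleanupCredentials yes
KexAlgorithms gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-curve25519-sha256-toWM5Slw5Ew8Mqkay+al2g==,curve25519-sha256
EOF
)

# Constructed hardened fragment: only the RFC8732-style method plus a normal
# curve25519 fallback for clients without a Kerberos ticket.
HARDENED_CONFIG=$(cat <<'EOF'
# constructed sshd_config (hardened)
GSSAPIAuthentication yes
GSSAPIKeyExchange yes
GSSAPICleanupCredentials yes
KexAlgorithms gss-curve25519-sha256-toWM5Slw5Ew8Mqkay+al2g==,curve25519-sha256
EOF
)

# config_value KEY CONFIG: print the value of the first matching directive.
# sshd directive names are case-insensitive, so compare in lowercase.
config_value() {
    printf '%s\n' "$2" | awk -v key="$1" 'tolower($1)==tolower(key) {print $2; exit}'
}

# weak_gss_kex CONFIG: list every KexAlgorithms entry from the "not recommended"
# group in the answer (1024-bit group1, and the SHA-1 based group14 and gex).
weak_gss_kex() {
    config_value KexAlgorithms "$1" | tr ',' '\n' \
        | grep -E '^gss-(group1|group14|gex)-sha1-' || true
}

# audit_gssapi CONFIG: return 0 when the config is acceptable, 1 when GSSAPI
# key exchange is enabled together with a deprecated gss-* method.
audit_gssapi() {
    cfg="$1"
    status=0
    if [ "$(config_value GSSAPIAuthentication "$cfg")" != "yes" ]; then
        echo "note: GSSAPIAuthentication is not enabled; Kerberos logins will not work"
    fi
    weak=$(weak_gss_kex "$cfg")
    if [ "$(config_value GSSAPIKeyExchange "$cfg")" = "yes" ] && [ -n "$weak" ]; then
        printf 'weak GSSAPI kex method enabled: %s\n' $weak
        status=1
    fi
    return "$status"
}

# Stand-alone run: the weak fragment is flagged, the hardened one passes.
audit_gssapi "$SAMPLE_CONFIG" || echo "sample config needs attention"
audit_gssapi "$HARDENED_CONFIG" && echo "hardened config is fine"
```

To run it against a real host, replace the constructed fragments with `$(cat /etc/ssh/sshd_config)`; because ordinary (non-gss) kex methods are left untouched, the check only reports the GSSAPI-specific weakness the answer describes and says nothing about the rest of the KexAlgorithms list.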