Kerberos/GSSAPI support for knife ssh

ssh.rb

--- chef/lib/chef/knife/ssh.rb	2015-07-31 18:59:12.325073131 +0000
+++ /opt/chef/embedded/apps/chef/lib/chef/knife/ssh.rb	2015-07-31 18:58:04.727929333 +0000
@@ -25,6 +25,7 @@
       deps do
         require 'net/ssh'
         require 'net/ssh/multi'
+        require 'net/ssh/kerberos'
         require 'chef/monkey_patches/net-ssh-multi'
         require 'readline'
         require 'chef/exceptions'
@@ -111,6 +112,12 @@
         :boolean => true,
         :proc => Proc.new { :raise }

+      option :kerberos_auth,
+        :short => '-k',
+        :long => '--kerberos',
+        :description => "Enable Kerberos authentication",
+        :boolean => false
+
       def session
         config[:on_error] ||= :skip
         ssh_error_handler = Proc.new do |server|
@@ -224,6 +231,7 @@
                                 Chef::Config[:knife][:ssh_port] ||
                                 ssh_config[:port]
           session_opts[:logger] = Chef::Log.logger if Chef::Log.level == :debug
+          session_opts[:auth_methods] = ["gssapi-with-mic"] if config[:kerberos_auth]

           if !config[:host_key_verify]
             session_opts[:paranoid] = false