doc update

doc/sample.config

@@ -1,7 +1,9 @@
 # User authentication method. Could be set multiple times and in 
 # that case all should succeed. To enable multiple methods use
-# multiple auth directives. Available options: certificate,
-# plain, pam, radius[configfile,groupconfig]. 
+# multiple auth directives. Available options: certificate, 
+# plain, pam, radius[configfile,groupconfig], gssapi.
+#
+# Note that authentication methods cannot be changed with reload.
 
 # certificate:
 #  This indicates that all connecting users must present a certificate.
@@ -25,13 +27,19 @@
 # Group-Name, Framed-IPv6-Address, Framed-IPv6-Prefix, DNS-Server-IPv6-Address,
 # Framed-IP-Address, Framed-IP-Netmask, MS-Primary-DNS-Server, MS-Secondary-DNS-Server
 
-#auth = "certificate"
 #auth = "pam"
 #auth = "pam[gid-min=1000]"
 auth = "plain[./sample.passwd]"
 #auth = "certificate"
 #auth = "radius[/etc/radiusclient/radiusclient.conf,groupconfig]"
 
+# Specify alternative authentication methods that are sufficient
+# for authentication. That is, if set, any of the methods enabled
+# will be sufficient to login.
+#enable-auth = certificate
+#enable-auth = gssapi
+#enable-auth = "gssapi[keytab:/etc/key.tab]"
+
 # Whether to enable seccomp/Linux namespaces worker isolation. That restricts the number of 
 # system calls allowed to a worker process, in order to reduce damage from a
 # bug in the worker process. It is available on Linux systems at a performance cost.