I would like to report bug in latest WinSCP 5.7.4.
Enabling tunnel mode in WinSCP causes GSSAPI authorization to fail. Seems that when Tunnel=1 GSSAPI is auto disabled even if AuthGSSAPI=1 GSSAPIFwdTGT=1 is set. On the other hand AgentFwd=1 works flawless even when Tunnel=1.
Please fix GSSAPI authorization and delegation in tunnel mode.