Updated partial auth patch against CVS

Karl M karlm30 at hotmail.com
Thu May 3 23:43:45 EST 2001


Hi Carson...

Do you have a copy of your patch against 2.9p1 that I can start from?

Thanks,

...Karl

>From: Carson Gaspar <carson at taltos.org>
>To: Karl M <karlm30 at hotmail.com>, openssh-unix-dev at mindrot.org
>Subject: Re: Updated partial auth patch against CVS
>Date: Wed, 02 May 2001 11:47:28 -0700
>
>
>
>--On Wednesday, May 02, 2001 11:10 AM -0700 Karl M <karlm30 at hotmail.com>
>wrote:
>
>>Hi Carson...
>>
>>Please help me understand the issues/constraints here. Regarding
>>
>>Authorder2 publickey,publickey:password
>>
>>what part of the syntax do you see as a problem? Is it that an
>>authentication sequence is a propper subset of a later authentication
>>sequence in the list?
>
>Yes. Although "later" is irrelevant. If publickey succeeds, you're in.
>You'll never be asked for a password. You're suggesting changing that
>behaviour on Cygwin, making it platform-specific. That's bad.
>
>>If I use
>>
>>Authorder2 publickey:method1,publickey:method2
>>
>>and the public key succeeds but method1 fails, assuming no agent will the
>>user see
>>
>>publickey
>>method1
>>method2
>>
>>or will he see
>>
>>publickey
>>method1
>>publickey
>>method2
>>
>>I would hope and vote for the first.
>
>Currently, it should show "method1,method2". This makes the client "do the
>right thing" and let you re-try your flubbed password, without making you
>re-enter your private key passphrase.
>
>>What I would hope to specify is: publickey (when ssh and sshd userids
>>match)  and publickey:password (when ssh and sshd userids differ). This
>>gets the  password to the sshd so that the userid can be changed in
>>CygWin. Do you  have any thoughts on the syntax for this that would be
>>compatible with your  syntax?
>
>publickey:cygwinoptpass
>
>and add code to handle the cygwin bizzaro world case.
>
>--
>Carson Gaspar - carson at taltos.org
>Queen trapped in a butch body

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com




More information about the openssh-unix-dev mailing list