Updated partial auth patch against CVS
Corinna Vinschen
vinschen at redhat.com
Tue May 8 20:36:20 EST 2001
On Sun, May 06, 2001 at 02:57:48PM -0700, Karl M wrote:
> Hi Carson and Corinna...
>
> Carson-->It seems to me that at the end of input_userauth_request it doesn't
> matter what uid we are set to (is this true?), so I think that I can remove
> the tempuid variable and the extra getuid/setuid operations. What do you
> think?
>
> Corinna-->The only call to check_nt_auth I left in auth2.c is in
> userauth_passwd. With a password, check_nt_auth always succeeds, so it
> doesn't need to be there. What do you think?

The reason for checking with `check_nt_auth' is to disallow a user from
logging in using only non-password authentication if the user's uid is
!= the uid under which sshd is running.

For those who are not familiar with NT/W2K:

The reason is that under normal circumstances switching user context on
NT/W2K is only possible if a password is given, even for administrators.
Without the check_nt_auth check, sshd would allow logon using RSA/DSA
but the user context switch fails => child process is running under a
wrong account!

If your patch accommodates that need even if partial authentication
is _not_ switched on in sshd_config, it's ok with me.

So the question is: Does your code under NT/W2K still refuse login
without password if sshd_config just contains

    RSAAuthentication yes
    PasswordAuthentication no

and not the slightest word about partial authentication?

Another piece of information is that I'm working on a Cygwin extension to
allow switching user context without using a password. In the future, that
would allow logging on using RSA/DSA authentication for any
user, even on NT/W2K systems. It will have some limitations, though.

Corinna
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com
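
An added illustration, not code from OpenSSH or from this thread: a small C model of the rule described in the message above, showing which account the child ends up in with and without the guard. All `model_*` names, the `struct login` type and the uids 18 and 1001 are constructed for this example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model types; not OpenSSH's data structures. */
enum auth_method { AUTH_PASSWORD, AUTH_PUBKEY };

struct login {
    enum auth_method method; /* how the client authenticated */
    unsigned sshd_uid;       /* uid the daemon runs under */
    unsigned target_uid;     /* uid of the account being logged into */
};

/* Models the NT/W2K limitation from the message: the user context can
 * only be switched when a password was given. Returns the uid the child
 * process really runs as. */
static unsigned model_switch_context(const struct login *l)
{
    if (l->target_uid == l->sshd_uid)
        return l->sshd_uid;   /* no switch needed */
    if (l->method == AUTH_PASSWORD)
        return l->target_uid; /* switch succeeds */
    return l->sshd_uid;       /* switch fails: child keeps sshd's account */
}

/* The guard: accept only if a password was used or no switch is needed.
 * It takes no configuration input, so it holds whatever sshd_config says. */
static bool model_nt_auth_ok(const struct login *l)
{
    return l->method == AUTH_PASSWORD || l->target_uid == l->sshd_uid;
}

/* Returns the uid the child runs as, or -1 if the login is refused. */
static long model_login(const struct login *l, bool guard_enabled)
{
    if (guard_enabled && !model_nt_auth_ok(l))
        return -1;
    return (long)model_switch_context(l);
}

int main(void)
{
    /* Constructed case: sshd runs as uid 18, key login for uid 1001. */
    struct login key_other = { AUTH_PUBKEY, 18, 1001 };
    printf("no guard:   child uid %ld (wanted %u)\n",
           model_login(&key_other, false), key_other.target_uid);
    printf("with guard: result %ld (-1 = refused)\n",
           model_login(&key_other, true));
    return 0;
}
```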