Cygwin: store authorized_keys in /etc/ssh/user/authorized_keys?
harald at CoWare.com
Fri Jul 13 17:17:47 EST 2007
If I try to login on a Cygwin host via ssh, then my
.ssh on a network drive is unaccessible until I login.
I have to enter my password, even if my authorized_keys
would allow me to login without. This is fatal, since it
forces me to use an interactive session for working on a
Windows host. Unusable for automatic builds and tests
managed from a central machine, for example.
There is no such restriction if I create local
accounts on every Cygwin PC, using local disks for
$HOME/.ssh. Highly inefficient and troublesome, I have
to rsync my data again and again, but it works.
Would it be possible to extend auth2-pubkey.c to
look in /cde/ssh/$LOGNAME/authorized_keys for the
public key, in addtition to the user's .ssh directory?
Of course the usual access restrictions should be
checked. And it should be made a configure option
for the ssh server. I don't want to change the default
This would be a rough patch, just to give you an
--- auth2-pubkey.c~ 2006-08-05 04:39:39.000000000 +0200
+++ auth2-pubkey.c 2007-07-13 09:07:40.000000000 +0200
@@ -282,6 +282,17 @@
file = authorized_keys_file2(pw);
success = user_key_allowed2(pw, key, file);
+ if (success)
+ return success;
+ /* look in system ssh directory for authorized keys */
+ file = xmalloc(4096);
+ snprintf(file, 4096, "/etc/ssh/allowed_users/%s/authorized_keys", pw->pw_name);
+ success = user_key_allowed2(pw, key, file);
Please keep me on CC:, since I am not subscibed to this
CoWare, Inc. | Barbarus hic ergo sum, quia non
Harald Dunkel | intellegor ulli.
Grüner Weg 1 |
52070 Aachen, Germany | Ovid
(+49) 241 943 788 107 |
More information about the openssh-unix-dev