openssh on interix

Martin Koeppe mkoeppe at
Thu Nov 6 09:52:21 EST 2008

Hi openssh developers,

I'm trying to port openssh to Interix. See [1] for more on this.

For Interix sshd needs to be patched to not use setuid()/setgid(), but 
an Interix specific function setuser(). See [2] why it is needed. 
Unfortunately, setuser() needs the clear-text password of the user to 
be fully functional (If you use password-less setuser(), then the 
user doesn't have network access rights, e.g. no access to a network 
home dir).

The problem is now: How to get the clear-text password from
where it would be needed as argument for setuser()?

See [3] for the patch I'm currently using. My first idea would be to 
use the struct passwd pw_passwd field that is passed to 
permanently_set_uid() for storing the clear-text password after 
successful (password-)authentication.

Before looking into details I just want to ask:
Would such use of struct passwd be a security issue?

Many thanks in advance



More information about the openssh-unix-dev mailing list