case sensitivity, "Match User" and "AllowUsers"

Corinna Vinschen vinschen at
Fri Feb 19 07:51:00 EST 2010

On Feb 18 12:30, Ben Lindstrom wrote:
> On Feb 18, 2010, at 11:36 AM, Hu, Eric wrote:
> > Based on what I've seen, this is an OpenSSH issue.  My original post explains why.  If the config file says "AllowUsers user," why should any user that is successfully logged in based on this not execute all statements associated with "Match User user?"  The user name used for one is not being used for the other.
> > 
> > Just because we're only seeing it on Cygwin (at least thus far) doesn't mean it's a Cygwin issue.  If the problem is indeed use of mixed user names (as I've stated before, I personally don't know the code well enough to know for sure), I'd say it's an OpenSSH problem.  If there's some spec detailing exactly what getpwnam (and other various underlying calls OpenSSH is relying on) is supposed to do that Cygwin is violating, then maybe it's a Cygwin issue.  Even in this case though, it still looks to me like OpenSSH could be made more robust by not relying on such assumptions.
> Think about this for a moment.. if I do  
> pw = getpwnam("MoUrInG");
> and I get back
> pw->pw_name = "mouring"
> Whose fault is it?  OpenSSH or the OS that it is running on? 

It's not Cygwin's fault.  Usernames on Windows *are* caseinsensitive.
The password entry contains the name in one format, but you can write
in in every case.  That's a property of the underlying system.


Corinna Vinschen
Cygwin Project Co-Leader
Red Hat

More information about the openssh-unix-dev mailing list