authorized_credentials patch.

Matthew N. Dodd matthew.nygard.dodd at gmail.com
Sun Aug 21 13:43:11 EST 2011


Naturally right after I sent this out I found a problem involving quoted 
strings.

Updated patch to follow.

On 8/20/11 3:52 PM, Matthew N. Dodd wrote:
> Gives GSSAPI-MIC the same options capability currently provided for
> public key logins by the AuthorizedKeysFile.
>
> Uses krb5_principal_match() to support widcard matches.
>
> Uses percent_expand() to expand tokens for:
>
> credential USER[/INSTANCE]@REALM
> homedir /home/user
> username user
> cred name USER
> cred instance INSTANCE
> cred realm REALM
>
> My intended application:
>
> # cat ~svn/.ssh/authorized_credentials
> command="/usr/bin/svnserve -t -r /var/svn/ --tunnel-user=%n" */svn@%r
>
> Enjoy.



More information about the openssh-unix-dev mailing list