Re: openssh on interix - openssh
This is a discussion on Re: openssh on interix - openssh ; Martin Koeppe wrote: > Hi openssh developers, > > I'm trying to port openssh to Interix. See [1] for more on this. > > For Interix sshd needs to be patched to not use setuid()/setgid(), but > an Interix specific ...
 |
| | LinkBack | Tools |
|
#1
11-10-2008, 07:15 PM
| |||
| |||
 Re: openssh on interix Martin Koeppe wrote: > Hi openssh developers, > > I'm trying to port openssh to Interix. See [1] for more on this. > > For Interix sshd needs to be patched to not use setuid()/setgid(), but > an Interix specific function setuser(). See [2] why it is needed. > Unfortunately, setuser() needs the clear-text password of the user to > be fully functional (If you use password-less setuser(), then the > user doesn't have network access rights, e.g. no access to a network > home dir). Sounds like what you are trying to do is run the sshd on a Windows machine, and get the user's windows password so they can "login" to Windows? If the sshd could use the GSSAPI and delegated credentials, it might be possible to pass the Kerberos ticket into the LSA. This could give you single sign on. I believe with a registry setting, the Kerberos for Windows can do something like this. You might want to ask on the kerberos@mit.edu list http://www.vandyke.com/products/vshell/index.html might be another possibility. > > The problem is now: How to get the clear-text password from > auth-passwd.c:auth_password() > to > uidswap.c  ermanently_set_uid()> where it would be needed as argument for setuser()? > > See [3] for the patch I'm currently using. My first idea would be to > use the struct passwd pw_passwd field that is passed to > permanently_set_uid() for storing the clear-text password after > successful (password-)authentication. > > Before looking into details I just want to ask: > Would such use of struct passwd be a security issue? > > > Many thanks in advance > > Martin > > > [1] http://www.debian-interix.net/ > [2] http://www.suacommunity.com/forum/tm...=setuserᮕ > [3] http://www.debian-interix.net/debian...2.interdiff.gz > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@mindrot.org > https://lists.mindrot.org/mailman/li...enssh-unix-dev > > -- Douglas E. Engert Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev  |
 |
« Previous Thread
|
Next Thread »
| Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Re: openssh on interix | unix | openssh | 0 | 11-11-2008 04:55 PM |
| Re: openssh on interix | unix | openssh | 0 | 11-11-2008 04:51 PM |
| Re: openssh on interix | unix | openssh | 0 | 11-11-2008 12:27 PM |
| Re: openssh on interix | unix | openssh | 0 | 11-10-2008 10:38 PM |
| openssh on interix | unix | openssh | 0 | 11-05-2008 10:52 PM |
All times are GMT. The time now is 08:33 AM.
