[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

ssh patches (better PAM support)



Hi,

I've uploaded the latest version of my ssh->PAM patch:

	http://www.kernel.org/pub/linux/libs/pam/pre/ssh-PAM-mods.tar.gz
	ftp://www.kernel.org/pub/linux/libs/pam/pre/ssh-PAM-mods.tar.gz

Over the previous version, this patch makes a (weak) attempt to
integrate the PAM environment setting conventions into sshd.

A note on the version: 1.2.20 (4th revision).  If I recall there is
some security problem with this version related to the common user
being able to redirect ports arbitrarily.  Since this is a development
version of the PAM patch I'm not too bothered about upgrading, but if
anyone wants to do the donkey work and adapt the patch for the latest
and greatest release of ssh now, I'd be happy for them to do so.
Please post a pointer to the patches when you are done.

Note, my legal paranoia means that there is no crypto in my patches.
You will have to get the source for ssh from somewhere else (for help
on this there is a README in the above tar ball).

Further work:  we really need to work out how to plug in non-typed
authentication schemes.  There is a basic framework involving "BINARY"
message exchange (see the patch for the reserved tokens) but as to how
we do this, I have a blessing from Vipin to be creative...

[Suggestions are very welcome.  We will also need someone in a liberal
minded country to do some coding for things like RSA authentication
but we can worry about that after we've discussed it.]

Have fun,

Cheers

Andrew




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []