| delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com> |
| List-Archive: | <http://sourceware.cygnus.com/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT sourceware DOT cygnus DOT com> |
| List-Help: | <mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs> |
| Sender: | cygwin-owner AT sourceware DOT cygnus DOT com |
| Delivered-To: | mailing list cygwin AT sourceware DOT cygnus DOT com |
| From: | "Prentis Brooks" <prentis AT aol DOT net> |
| To: | "Cygwin" <cygwin AT sourceware DOT cygnus DOT com> |
| Subject: | No this has a nasty bite |
| Date: | Fri, 26 May 2000 13:45:37 -0400 |
| Message-ID: | <NEBBLEPLMLJEEFHAGMDMMECJCAAA.prentis@aol.net> |
| MIME-Version: | 1.0 |
| X-Priority: | 3 (Normal) |
| X-MSMail-Priority: | Normal |
| X-Mailer: | Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) |
| X-MimeOLE: | Produced By Microsoft MimeOLE V5.00.2314.1300 |
| Importance: | Normal |
Alright, this is a problem... Corinna, if you happen to have a quick solution before I start trying to dig around in the source, please let me know. Here is the problem: You have RSA Authentication enabled and running as user foo on port 22. You have another Daemon running SSH with password authentication on port 26. If user bar sets up RSA keys in his/her home directory and then connects to port 22, it will authenticate him/her via the keys in bar's home directory and then promptly drop them to the shell as foo... this is bad. Any ideas on how to: 1) Identify who the RSA enabled process is running under 2) Once one is known, ensure that the user coming in is the user we are running under, rejecting if not. Prentis -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |