Mail Archives: cygwin/2000/05/27/23:58:19

From: "Prentis Brooks" <prentis AT aol DOT net>
To: "cygwin" <cygwin AT sourceware DOT cygnus DOT com>
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]
Date: Sat, 27 May 2000 23:57:51 -0400
Message-ID: <NEBBLEPLMLJEEFHAGMDMEECLCAAA.prentis@aol.net>
In-Reply-To: <39303F67.D6C4E256@vinschen.de>

Thanks Corinna,
	I will not be in the office until Tuesday (Memorial Day holiday here in the
US).  At that time I will apply your updated binaries and continue from
there.  Also, I quickly glanced through the diff file but did not see how
you corrected this... or at least you corrected it in a way completely
different from what I was looking to do.  Would you mind telling me how you
solved the problem of unauthorized access to another account?
(specifically, being able to log in to RSA enabled SSHD even though your RSA
key is not part of that SSHD's user's authorized_key file.)

-----Original Message-----
From: corinna AT snoopy DOT vinschen DOT de [mailto:corinna AT snoopy DOT vinschen DOT de] On Behalf Of Corinna Vinschen
Sent: Saturday, May 27, 2000 5:35 PM
To: Prentis Brooks
Cc: Cygwin
Subject: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]


Prentis Brooks wrote:
> You have RSA Authentication enabled and running as user foo on port 22. You
> have another Daemon running SSH with password authentication on port 26. If
> user bar sets up RSA keys in his/her home directory and then connects to
> port 22, it will authenticate him/her via the keys in bar's home directory
> and then promptly drop them to the shell as foo... this is bad.

Should be solved in my new version. You will find it in

ftp://ftp.franken.de/pub/win32/develop/gnuwin32/cygwin/porters/Vinschen_Corinna/V1.1.1

files

	openssh-1.2.2-2.README
	openssh-1.2.2-2.tar.gz
	openssh-1.2.2-2.diff


Have fun,
Corinna

--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

