Mail Archives: cygwin/2006/10/30/03:53:05
On Oct 29 15:35, Igor Peshansky wrote:
> On Wed, 25 Oct 2006, Thorsten Kampe wrote:
>
> > * eyalroz (Wed, 25 Oct 2006 03:18:26 -0700 (PDT))
> >
> > > 3. How do I add new username/password combinations other than my real
> > > NT username and password? I want the sshd to only accept
> > > myalias/tehfauxpass instead of myrealuser/therealpass , and of course
> > > not try to switch users to myalias but rather allow work as
> > > myrealuser.
> >
> > Can't be done in my opinion as /etc/passwd is just a wrapper to the
> > SAM where the real password hashes are stored.
>
> Well, technically, if you omit the SID from the passwd entry, Cygwin may
> use the crypt'ed password in the second field, but the resulting user
> token would be pretty useless, as it will bear no relation to the real
> Windows user... Corinna will probably have more to say on this...
Not really. Thorsten is correct. Cygwin, the DLL, never uses the passwd
field. The crypt library does. I don't understand the sense behind the
the above approach anyway. Security by obscurity? Why not use pubkey
authentication with passphrase instead?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -