| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=ayHyouyDicttE88rEHQUoTWZk98dY/5YHS8LgYO6Qgf+E9D3YHqce | |
| DODxzR+3TzxypY/axMxaRwWWcGokOqVwQMhH91w0ig/8ov7aGFXgHkFEGN0ed5SP | |
| nRWGwqezsJPelWtzMLYniCVn9n8FsscRzff89vxLf1h5spbZaIC/EI= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=m87UDXBKQGrtZCTBju/B7WqZdjA=; b=T+2OgUnMhtksAhyV0Nn7HspAapin | |
| j8KoY8CUrhhIjL8n5RinB4x25LhUnAfyFTftRhSuyxaJG5zTJtL5ov1ohXRFx/u+ | |
| uV5hkbHVMs+NMOOUXOiKJ/6zJSjfobfmIsEduPB/rc3yqT3faJ8MJmAIokdth6UN | |
| s02+pY/9Hrbbgps= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-4.6 required=5.0 tests=AWL,BAYES_50 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Thu, 26 Jun 2014 10:32:53 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: LDAP integration and sshd |
| Message-ID: | <20140626083253.GA25654@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <loom DOT 20140625T141552-513 AT post DOT gmane DOT org> <20140625130727 DOT GQ1803 AT calimero DOT vinschen DOT de> <loom DOT 20140626T093103-970 AT post DOT gmane DOT org> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <loom.20140626T093103-970@post.gmane.org> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Jun 26 07:35, Achim Gratz wrote:
> Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > - Build your own OpenSSH package with the following patch applied:
> >=20
> > http://lists.mindrot.org/pipermail/openssh-unix-dev/2014-May/032591.h=
tml
> >=20
> > It converts the static request for an account called "sshd" into
> > a function call which checks for the "sshd" account by calling
> > a Cygwin DLL function checking for the account by prepending the
> > potential prefixes. This patch has been applied upstream, and
> > a new version of OpenSSH will be available as soon as we go life
> > with the AD integration stuff.
>=20
> Is there a corresponding change needed to take care of LDAP groups so the=
se
"LDAP groups" is rather misleading. The naming convention has nothing
to do with LDAP, rather it's a Interix invention. The names are
generated inside the Cygwin DLL in dependent of using LDAP or not.
> can be used in AllowGroups?
In theory, no. AllowGroups is admin-settable in the config file while
the "sshd" user request is built into the code. Just use the names as
you get them:
AllowGroups bla MACHINE+blub DOMAIN+blubber ...
Corinna
(*) per MSFT this is supposed to be faster than NetUserEnum and uses less
resources. In my limited environment, `getent group' is in fact five
times faster than the former `mkgroup -l -d'.
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--WIyZ46R2i8wDzkSu
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTq9q1AAoJEPU2Bp2uRE+g7FgP/2C/gAwRkCYgK8ZT1KvbIA+D
l+KQJhncPTX7vCzeimH77kGIaj266XR2YoHctcmmG/dJjMitJ4A2iRImysnyqSIW
cgPGhj6JCv4tVUT5+q+/FaWS+Huq+uJuz5GNFBMVn1HNoPdikH27nBLBkDm0zcOr
IGJXPzfPo0wDUvkqP5PllBBYquc6avwXSh9mHh3ZMAMG1jKyhfdVa9CmbIxe0e8O
r/qz2y88q3iPS0FSZEphlzrBIDirGg5K4/vXq0YA9CsbrHkybLS5Agwdclc0u/n3
W1QA03+95jmbnq9FsTTw+noaCaXtA8/oLgWP1zvKiSYakjwzX6qJgY3okB37PI6N
pftkAMfVWtwNGWgTiGmS/HuMoWWkJTsHQHffBKhIKRUEBDG4vzdnUPjpG2keP4on
ZovB2TX69rblzFqGisRHPi1ti4wz7mX8KN9asVuOP/yiVHohNJ6hUcyyMBVC/1ZW
1iJkotH9SgROkV5ZzZhDQl780qL0WfJG47+WxUNc6UDLfkknL2jPlw1SCKYMgoKb
eSVRpvbEkz0Zm8VRVJsz1jqD+ecKXzd+7HOuHGiN5re0eX6BCzeQFPE6yICzhpDc
TNNWStNlIV9CwBBRkzNP5zl4GytXdHQllJN5mUtCHdHfaQp7CD0Q0/Wvzt9pJijT
utbZi59zwKQeSsdxOch9
=gwmO
-----END PGP SIGNATURE-----
--WIyZ46R2i8wDzkSu--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |