X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
From: "Chen Yue" <godsarmycy@gmail.com>
To: <cygwin@cygwin.com>
Subject: is it possible to re-compile sshd to support "real-user" login in terms of public key authentication
Date: Mon, 18 Feb 2008 20:45:48 +0800
MIME-Version: 1.0
Content-Type: text/plain; 	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Message-ID: <47b97e22.1ed7720a.6129.734a@mx.google.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

Hi Cygwin experts

We all know user can login cygwin sshd to get real-user only by password. If
user logins sshd by public key, he/she could merely get the ACL in which the
sshd process is run.

But in Tectia windows sshd(www.ssh.com), user can get the proper ACL no
matter he/she logins in terms of password or public key. So I checked source
code of cygwin sshd, finding it uses WINAPI LogonUser to get the proper ACL
in auth_passwd. However, this API is not introduced in auth_pubkey since it
requires password in the third parameter. So I wonder how Tectia sshd
implements this mechanism.
Is it possible I re-compile Cygwin sshd to support this feature? 


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/