Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive: <http://sourceware.cygnus.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help: <mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender: cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com
Message-ID: <39303F67.D6C4E256@vinschen.de>
Date: Sat, 27 May 2000 23:34:31 +0200
From: Corinna Vinschen <corinna AT vinschen DOT de>
Reply-To: cygwin <cygwin AT sourceware DOT cygnus DOT com>
X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.14 i686)
X-Accept-Language: de, en
MIME-Version: 1.0
To: Prentis Brooks <prentis AT aol DOT net>
CC: Cygwin <cygwin AT sourceware DOT cygnus DOT com>
Subject: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]
References: <NEBBLEPLMLJEEFHAGMDMMECJCAAA DOT prentis AT aol DOT net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Prentis Brooks wrote:
> You have RSA Authentication enabled and running as user foo on port 22.  You
> have another Daemon running SSH with password authentication on port 26.  If
> user bar sets up RSA keys in his/her home directory and then connects to
> port 22, it will authenticate him/her via the keys in bar's home directory
> and then promptly drop them to the shell as foo... this is bad.

Should be solved in my new version. You will find it in

ftp://ftp.franken.de/pub/win32/develop/gnuwin32/cygwin/porters/Vinschen_Corinna/V1.1.1

files

	openssh-1.2.2-2.README
	openssh-1.2.2-2.tar.gz
	openssh-1.2.2-2.diff


Have fun,
Corinna

-- 
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com