home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
linuxmafia.com 2016
/
linuxmafia.com.tar
/
linuxmafia.com
/
pub
/
linux
/
security
/
ylonen-ssh
/
ssh-1.2.27-securid.patch
< prev
next >
Wrap
Text File
|
2000-06-09
|
3KB
|
83 lines
http://marc.theaimsgroup.com/?l=secure-shell&m=94693990211130&w=2
List: secure-shell
Subject: Submission: Transparent support for SecurID in SSH1.2.27 (scp)
From: Adrian Steinmann <ast@marabu.ch>
Date: 2000-01-03 21:09:02
--NeXT-Mail-1409056526-1
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
The patch at
http://www.webgroup.ch/ast/SecurID4ssh1.2.27.patch
solves the problem of having to enter two passwords
when SecurID is enabled via /etc/securid.users. With this version,
only the SecurID passphrase is required when the user is configured
to use SecurID. In particular, this allows scp to work transparently
with SecurID, because the login shell (i.e. /bin/ksh instead of
/usr/ace/sdshell) does not require a second (in-band) password.
This patch for SSH 1.2.27 replaces the /etc/securid.users file with
a keyword in sshd_config: Instead of searching for the user in an
auxiliary file, we check if the user's shell is a "SecurID Shell",
i.e. one in a list of maximum 8 (or _all_ shells if * is specified).
I.e. the name of the user's shell controls if SecurID or classic
authentication is required.
Adrian Steinmann
_______________________________________________________________________
Dr. Adrian Steinmann Steinmann Consulting Apollostrasse 21 8032 Zurich
Tel +41 1 380 30 83 Fax +41 1 380 30 85 Mailto:ast@marabu.ch
--NeXT-Mail-1409056526-1
Content-Type: text/enriched; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
The patch at
http://www.webgroup.ch/ast/SecurID4ssh1.2.27.patch
solves the problem of having to enter two passwords
when SecurID is enabled via /etc/securid.users. With this version,
only the SecurID passphrase is required when the user is configured
to use SecurID. In particular, this allows scp to work transparently
with SecurID, because the login shell (i.e. /bin/ksh instead of
/usr/ace/sdshell) does not require a second (in-band) password.
This patch for SSH 1.2.27 replaces the /etc/securid.users file with
a keyword in sshd_config: Instead of searching for the user in an
auxiliary file, we check if the user's shell is a "SecurID Shell",
i.e. one in a list of maximum 8 (or _all_ shells if * is specified).
I.e. the name of the user's shell controls if SecurID or classic
authentication is required.
<bold>Adrian Steinmann
</bold>_______________________________________________________________________
Dr. Adrian Steinmann Steinmann Consulting Apollostrasse 21 8032 Zurich
Tel +41 1 380 30 83 Fax +41 1 380 30 85 Mailto:ast@marabu.ch
--NeXT-Mail-1409056526-1--