This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: ssh Authentication--RSA/Password



----- Original Message -----
From: "Corinna Vinschen" <cygwin@cygwin.com>
>
> It's a lot of work.
>
> It had to use a NT low level authentication library called LSA
> (Local Security Authority). It requires writing a special DLL called
> LSA authentication module which has to be installed in the system
> together with a change in the registry. Then sshd would have to be
> splited into two parts, the sshd service itself which controls the
> communication and calls the LSA module and the LSA module which would
> have to check the RSA/DSA keys and to allow the log in.
>
> Note that that means that OpenSSH would need a lot of restructuring
> just to be able to allow RSA/DSA on one system (WinNT) while it works
> wonderful on all other systems (OpenBSD, Linux, Solaris, Win9x, ...).
>
> > Are you considering writing it in the future?
>
> We already considered to write it but since it's a very time consuming
> effort neither I nor anybody else at Red Hat would be able to do it
> without a paying customer. The result would then be OSS again as long
> as the customer doesn't demand getting a proprietary solution (which
> I don't hope).

What about a community sponsored effort - ie via one of the "open source
markets". I'm just thinking there are enough folk here who are
interested in this, may be we could collectively fund it?

> BTW, using that method for logon introduces another problem. Since the
> user never typed her password the created user token has no
credentials
> to open network connections. This requires the user to call
> `net use ...' for each network resource and each call requires a
> password!

Could they use ssh to authenticate to other NT machines with the ssh LSA
extension installed?

Rob


--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]