Re: Proposed: task-secure-system package
Previously Russell Coker wrote:
> The protocol is important here because ssh1 and ssh2 protocols have
> completely different (and convoluted) code paths.
Hmm, looks like you're right. Looks like some evil code duplication there;
the ssh2 code looks saner though.
> I have not worked out which parts of ssh2 to change.
It's not very difficult to find, untested patch attached.
> Also I have not bothered to get the ssh2 Diffie keys to work so I couldn't
> test a patch to the ssh2 protocol if I wrote it.
ssh-keygen -d
cat id_dsa.pub >> authorized_keys2
Wichert.
--
_________________________________________________________________
/ Nothing is fool-proof to a sufficiently talented fool \
| wichert@cistron.nl http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
diff -wur org/openssh-2.2.0p1/auth-rsa.c openssh-2.2.0p1/auth-rsa.c
--- org/openssh-2.2.0p1/auth-rsa.c Tue Jul 11 09:31:38 2000
+++ openssh-2.2.0p1/auth-rsa.c Tue Oct 24 14:13:57 2000
@@ -277,8 +277,10 @@
RSA_free(pk);
- if (authenticated)
+ if (authenticated) {
+ log("Accepted RSA key with comment \"%s\"", cp);
packet_send_debug("RSA authentication accepted.");
+ }
/* Return authentication result. */
return authenticated;
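Review bot: The added log() call inside the if (authenticated) block writes cp, the key comment, to the system log verbatim. The comment is free text taken from the account's own authorized_keys file, so whoever controls that file can put control characters or text resembling another log entry into it. Filter non-printable characters and bound the length before logging, or log a key fingerprint next to the comment so that the entry identifies the key even when comments are missing or duplicated. Separately, the call sits after RSA_free(pk), and the hunk does not show where cp was last assigned; confirm that it still points at the comment of the key that was accepted and not at some later position in the file buffer.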
diff -wur org/openssh-2.2.0p1/auth2.c openssh-2.2.0p1/auth2.c
--- org/openssh-2.2.0p1/auth2.c Wed Aug 23 02:46:24 2000
+++ openssh-2.2.0p1/auth2.c Tue Oct 24 14:24:36 2000
@@ -532,6 +532,7 @@
}
if (key_equal(found, key) &&
auth_parse_options(pw, options, linenum) == 1) {
+ log("Matching key with comment \"%s\" found", cp);
found_key = 1;
debug("matching key found: file %s, line %ld",
file, linenum);
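Review bot: The new log() line in the key_equal() branch records only the comment, while the debug() call two lines below already has file and linenum. Comments are not unique, so the log entry alone may not say which key matched; include linenum (and file) in the log() message, or fold the two calls into one. The hunk also does not show whether the signature has been verified at this point. If it has not, this line records a key that was found, not one that was accepted, and the message should stay worded so that it cannot be mistaken for the "Accepted RSA key" entry added in auth-rsa.c. As there, cp is free text from the key file and should be filtered for non-printable characters before it reaches the log.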