[cvsnt] Re: cygwin ssh server and author being set to SYSTEM

Hartmut Honisch hartmut_honisch at web.de
Tue Dec 16 15:15:33 GMT 2003


>
> The whole security thing for example...
>
> If you allow users to login without passwords in that way, once that
> package is on the system it's a potential wide open security hole...

Yes, unfortunately. IIRC there were also other issues, like breaking
compatibility with the way cygwin currently handles user groups.

I guess a secure SSH server would have to pass the public key to the
authentication module, which would have to verify it against the user's
private key, which would have to be stored in a secure location.

Maybe someone is willing to enhance OpenSSH to make it do something like
that...

-Hartmut




More information about the cvsnt mailing list