This is the mail archive of the
mailing list for the Cygwin project.
Re: ssh Authentication--RSA/Password
----- Original Message -----
From: "Corinna Vinschen" <firstname.lastname@example.org>
> It's a lot of work.
> It had to use a NT low level authentication library called LSA
> (Local Security Authority). It requires writing a special DLL called
> LSA authentication module which has to be installed in the system
> together with a change in the registry. Then sshd would have to be
> splited into two parts, the sshd service itself which controls the
> communication and calls the LSA module and the LSA module which would
> have to check the RSA/DSA keys and to allow the log in.
> Note that that means that OpenSSH would need a lot of restructuring
> just to be able to allow RSA/DSA on one system (WinNT) while it works
> wonderful on all other systems (OpenBSD, Linux, Solaris, Win9x, ...).
> > Are you considering writing it in the future?
> We already considered to write it but since it's a very time consuming
> effort neither I nor anybody else at Red Hat would be able to do it
> without a paying customer. The result would then be OSS again as long
> as the customer doesn't demand getting a proprietary solution (which
> I don't hope).
What about a community sponsored effort - ie via one of the "open source
markets". I'm just thinking there are enough folk here who are
interested in this, may be we could collectively fund it?
> BTW, using that method for logon introduces another problem. Since the
> user never typed her password the created user token has no
> to open network connections. This requires the user to call
> `net use ...' for each network resource and each call requires a
Could they use ssh to authenticate to other NT machines with the ssh LSA
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple