ssh Authentication--RSA/Password

Michael Erdely cygwin@cygwin.com
Sun Apr 1 10:03:00 GMT 2001


You can currently run sshd using RSA authentication.  You just have to have
sshd running as that user.  You could run different instances of sshd for
each user to log on on a different port (2201, 2202, 2203, . . .)

Good luck,
-ME

----- Original Message -----
From: "Karl M" <karlm30@hotmail.com>
To: <cygwin@cygwin.com>
Sent: Sunday, April 1, 2001 12:29 PM
Subject: ssh Authentication--RSA/Password


> Hi Corinna and All...
>
> I need to allow multiple users to log on to a win2k system with ssh, but I
> am concerned about the security of allowing password authentication. I
> understand that curently you need to get the password to the sshd host so
> that the setuid can work and that this is why you use password
> authentication. You mentioned that some other software would be required
to
> eliminate this need.
>
> How big a job is this and how would it work?
>
> Are you considering writing it in the future?
>
> Is there annother way we could get the password to the sshd host?
>
> I would be willing to type a passphrase and a password to log in. The
> passphrase would allow RSA authentication; the password would allow the
> setuid to work. Then I would disable password authentication in the
> sshd_config file. I would then have a secure authentication without
worrying
> (as much) about users selecting weak passwords. I don't see any security
> holes introduced by this, as the tunnel is open when we bring the password
> through.
>
> What are your thoughts?
>
> Thanks,
>
> ...Karl
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
> --
> Want to unsubscribe from this list?
> Check out: http://cygwin.com/ml/#unsubscribe-simple
>
>


--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list