From owner-freebsd-bugs Mon Apr 8 10:20:12 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 02B6437B41A for ; Mon, 8 Apr 2002 10:20:01 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g38HK0I86886; Mon, 8 Apr 2002 10:20:00 -0700 (PDT) (envelope-from gnats) Received: from mail.asahi-net.or.jp (mail1.asahi-net.or.jp [202.224.39.197]) by hub.freebsd.org (Postfix) with ESMTP id 8F43037B400 for ; Mon, 8 Apr 2002 10:11:35 -0700 (PDT) Received: from schia.willbe6.org (g033126.ppp.asahi-net.or.jp [211.132.33.126]) by mail.asahi-net.or.jp (Postfix) with ESMTP id C117E6B8D for ; Tue, 9 Apr 2002 02:11:33 +0900 (JST) Message-Id: <86k7riune2.wl@schia.asahi-net.or.jp> Date: Tue, 09 Apr 2002 02:10:45 +0900 From: Kazutoshi Kubota To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/36884: add support id_rsa (OpenSSH/RSA2) authentication to pam_ssh Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 36884 >Category: bin >Synopsis: add support id_rsa (OpenSSH/RSA2) authentication to pam_ssh >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Apr 08 10:20:00 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Kazutoshi Kubota >Release: FreeBSD 4.5-STABLE i386 >Organization: CBUG - Tokyo west area BSD Users Group >Environment: System: FreeBSD schia.willbe6.org 4.5-STABLE FreeBSD 4.5-STABLE #0: Tue Apr 2 02:35:58 JST 2002 root@schia.willbe6.org:/usr/obj/usr/src/sys/PURISSIMA i386 >Description: OpenSSH can handle RSA2 key authentication, but pam_ssh does not handle this. Add RSA2 (id_rsa) authentication, please. >How-To-Repeat: >Fix: Index: pam_ssh.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_ssh/pam_ssh.c,v retrieving revision 1.28.2.2 diff -u -r1.28.2.2 pam_ssh.c --- pam_ssh.c 6 Apr 2002 05:24:36 -0000 1.28.2.2 +++ pam_ssh.c 8 Apr 2002 16:29:34 -0000 @@ -183,6 +183,7 @@ int retval; /* from calls */ int pam_auth_dsa; /* Authorised via DSA */ int pam_auth_rsa; /* Authorised via RSA */ + int pam_auth_rsa2; /* Authorised via RSA2 */ const char *user; /* username */ while (argc--) @@ -218,10 +219,14 @@ pwd, pass); pam_auth_rsa = auth_via_key(pamh, KEY_RSA1, SSH_CLIENT_IDENTITY, dotdir, pwd, pass); + pam_auth_rsa2 = auth_via_key(pamh, KEY_RSA, SSH_CLIENT_ID_RSA, dotdir, + pwd, pass); authenticated = 0; if (pam_auth_dsa == PAM_SUCCESS) authenticated++; if (pam_auth_rsa == PAM_SUCCESS) + authenticated++; + if (pam_auth_rsa2 == PAM_SUCCESS) authenticated++; /* Index: pam_ssh.h =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_ssh/pam_ssh.h,v retrieving revision 1.1.2.1 diff -u -r1.1.2.1 pam_ssh.h --- pam_ssh.h 4 Apr 2002 12:29:36 -0000 1.1.2.1 +++ pam_ssh.h 8 Apr 2002 16:22:27 -0000 @@ -30,6 +30,7 @@ #define SSH_CLIENT_DIR ".ssh" #define SSH_CLIENT_IDENTITY "identity" #define SSH_CLIENT_ID_DSA "id_dsa" +#define SSH_CLIENT_ID_RSA "id_rsa" /* * Compatibility with SSH2 from SSH Communications Security. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message