Hello to all the Great "crypto" People (... my first time in this list ..) I'm trying to compile openSSH-3.4p1 with the SecureID patch taken from: http://www.omniti.com/~jesus/projects/openssh-3.4p1+SecurID_v1.patch I'm having trouble to compile the patched openSSH over the Cygwin platform. this is probably since there is no cygwin SecureID agent available , so i'm using the linux one (Redhat). does anyone has a solution ? I've read the archives regarding the issue of secureid agent , and it seems that openssh would like to base auth over PAM. as PAM will solve some applications compatibility issues, it won't solve cases such as cygwin. as far as I know , there is now PAM port to cygwin. the aim of all this is to build a BUILT-IN feature in openssh to have auth option via some kind of a certification authority CA (like ace server). that way regardless of the platform (and the local users and so on) , it will be possible to auth to the ssh spereaded around in our network. therefor i'd would like to ask you people to consider again, to built in openssh feature of secureid agent. TIA , Ran Sasson , Inside OutSourcing (I.O.) Ltd.
--On Thursday, July 04, 2002 3:26 AM +0200 "PostMaster @ I.O. Ltd." <insideout at barak.net.il> wrote:> Hello to all the Great "crypto" People (... my first time in this list ..) > I'm trying to compile openSSH-3.4p1 with the SecureID patch taken from: > http://www.omniti.com/~jesus/projects/openssh-3.4p1+SecurID_v1.patch > I'm having trouble to compile the patched openSSH over the Cygwin > platform. this is probably since there is no cygwin SecureID agent > available , so i'm using the linux one (Redhat). > does anyone has a solution ?No. There is no solution, unless RSA provides SecurID libraries for Cygwin. Which I don't see happening anytime soon.> the aim of all this is to build a BUILT-IN feature in openssh to have auth > option via some kind of > a certification authority CA (like ace server). > that way regardless of the platform (and the local users and so on) , > it will be possible to auth to the ssh spereaded around in our network.The ACE server has _nothing_ to do with a CA. It does no public key crypto at all. It just does DES. It also has an "interesting" way of transmitting the shared secret (although rumour has it the current rev fixed that). -- Carson