Displaying 3 results from an estimated 3 matches for "num_authkeys_files".
2019 May 20
4
Authenticate against key files before AuthorizedKeysCommand
Hello,
Currently OpenSSH has a fixed order on how the key authenticates the
user: at first it tries to authenticate against TrustedUserCAKeys,
afterwards it does it against the output keys from the
AuthorizedKeysCommand and finally against the files as set in
AuthorizedKeysFile. I have an use-case where this order is not ideal.
This is because in my case the command fetches keys from the cloud
2012 Aug 30
1
Patch to allow glob patterns as authorized keys file names
...Allow glob patterns in authorized keys file names.
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -454,9 +454,16 @@ user_key_allowed(struct passwd *pw, Key *key)
return success;
for (i = 0; !success && i < options.num_authkeys_files; i++) {
+ int j;
+ glob_t glob_result;
file = expand_authorized_keys(
options.authorized_keys_files[i], pw);
- success = user_key_allowed2(pw, key, file);
+ glob(file, GLOB_NOCHECK, NULL, &glob_result);...
2014 Jun 06
1
Patch: Ciphers, MACs and KexAlgorithms on Match
...+209,9 @@ struct connection_info {
M_CP_STROPT(authorized_principals_file); \
M_CP_STROPT(authorized_keys_command); \
M_CP_STROPT(authorized_keys_command_user); \
+ M_CP_STROPT(ciphers); \
+ M_CP_STROPT(macs); \
+ M_CP_STROPT(kex_algorithms); \
M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
M_CP_STRARRAYOPT(allow_users, num_allow_users); \
M_CP_STRARRAYOPT(deny_users, num_deny_users); \
Index: sshd.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/sshd.c,v
retrieving revision 1.426
diff -u -p -u -r1.426 sshd.c
--- sshd.c 29...