This is the mail archive of the cygwin@sources.redhat.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: RSA authentication


On Wed, Feb 28, 2001 at 11:15:35AM +0200, Ehud Karni wrote:
> On Tue, 27 Feb 2001 18:43:59 +0100, Corinna Vinschen <cygwin@cygwin.com> wrote:
> > 
> > You can log in using RSA only to the user account which has started
> > sshd. So if you need to logon as admin, start sshd as service under
> > admin account. Any other user has to use password authentication
> > or has to get it's own sshd running on another port than 22.
> 
> On Linux I use RSA authentication for all users, in fact I disabled
> password authentication (too vulnerable). I run sshd as inetd service.
> 
> Can it be done on NT this way too ?

On NT you can do this only for one user per sshd running.

If you want to do this for all users you need to run one sshd
for each of them. Each sshd has to run under the corresponding
user account and it has to use it's own port! You need to
start the sshds with their own sshd_config. Example:

User foo	/etc/sshd_config.foo	containing a line "Port 22001"
User bar	/etc/sshd_config.bar	containing a line "Port 22002"

Assuming you're running the services with SRVANY, install two services
"sshd_foo" running under account foo and "sshd_bar" running under account
bar.

In the service registry key "...\services\sshd_foo" add the string
"Application" with the value
"<YourCygwinRoot>\usr\sbin\sshd.exe -f /etc/sshd_config.foo"

and in the service registry key "...\services\sshd_bar" add "Application"
with value "<YourCygwinRoot>\usr\sbin\sshd.exe -f /etc/sshd_config.bar"

Assuming the name of the NT box is "ntbox" the users have to add
the following to their ~/.ssh/config:

User foo:

	Host ntbox
	  Port 22001

User bar:

	Host ntbox
	  Port 22002

Hope, that helps,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]