Web lists-archives.com

Re: sshd: computer name's case must match?




On Feb 13 10:43, Bill Stewart wrote:
> On Wed, Feb 13, 2019 at 9:26 AM Corinna Vinschen
> <corinna-cygwin@xxxxxxxxxx> wrote:
> > No, that was a bug.  With case insenitive usernames, the pattern
> > matching in OpenSSH won't work and you create a potential security
> > problem.
> 
> I see - interoperability issue.
> 
> Therefore it becomes imperative on the Windows side to match username
> case exactly and we need to explain this.
> 
> However I would say that the case of the domain or computername
> shouldn't matter?
> 
> I just tested with cygwin1.dll (13 Feb 2019) and this worked:
> 
> ssh COMPUTERNAME+username@computername
> 
> however this didn't work:
> 
> ssh computername+username@computername
> 
> Am I not understanding something?

The complete string "domain+samaccountname" is the Cygwin username,
see the output of `getent passwd <user>' The entire Cygwin username
should always use the same case, otherwise case sensitive pattern
matching on the name returned in the passwd name field won't work.

Play with `getent passwd' with the latest and the previous Cygwin
DLL.  That should give you an idea.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer

Attachment: signature.asc
Description: PGP signature