diff options
| author | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
| commit | 09d3e1251250dcf45e5434cd474430e4ec5e8639 (patch) | |
| tree | 674ce6528821636740dce3a32ac1634b397643c9 /auth-rsa.c | |
| parent | 07daed505f1cd6a0beff4d060b588debcc1ca8c8 (diff) | |
- djm@cvs.openbsd.org 2012/10/30 21:29:55
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
[sshd.c sshd_config sshd_config.5]
new sshd_config option AuthorizedKeysCommand to support fetching
authorized_keys from a command in addition to (or instead of) from
the filesystem. The command is run as the target server user unless
another specified via a new AuthorizedKeysCommandUser option.
patch originally by jchadima AT redhat.com, reworked by me; feedback
and ok markus@
Diffstat (limited to 'auth-rsa.c')
| -rw-r--r-- | auth-rsa.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -276,6 +276,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) temporarily_use_uid(pw); for (i = 0; !allowed && i < options.num_authkeys_files; i++) { + if (strcasecmp(options.authorized_keys_files[i], "none") == 0) + continue; file = expand_authorized_keys( options.authorized_keys_files[i], pw); allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey); |