version 1.353, 2019/10/31 21:17:49 |
version 1.354, 2019/11/25 00:52:46 |
|
|
options->hostbased_key_types = NULL; |
options->hostbased_key_types = NULL; |
options->hostkeyalgorithms = NULL; |
options->hostkeyalgorithms = NULL; |
options->pubkey_authentication = -1; |
options->pubkey_authentication = -1; |
|
options->pubkey_auth_options = -1; |
options->pubkey_key_types = NULL; |
options->pubkey_key_types = NULL; |
options->kerberos_authentication = -1; |
options->kerberos_authentication = -1; |
options->kerberos_or_local_passwd = -1; |
options->kerberos_or_local_passwd = -1; |
|
|
options->hostbased_uses_name_from_packet_only = 0; |
options->hostbased_uses_name_from_packet_only = 0; |
if (options->pubkey_authentication == -1) |
if (options->pubkey_authentication == -1) |
options->pubkey_authentication = 1; |
options->pubkey_authentication = 1; |
|
if (options->pubkey_auth_options == -1) |
|
options->pubkey_auth_options = 0; |
if (options->kerberos_authentication == -1) |
if (options->kerberos_authentication == -1) |
options->kerberos_authentication = 0; |
options->kerberos_authentication = 0; |
if (options->kerberos_or_local_passwd == -1) |
if (options->kerberos_or_local_passwd == -1) |
|
|
sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
sStreamLocalBindMask, sStreamLocalBindUnlink, |
sStreamLocalBindMask, sStreamLocalBindUnlink, |
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, |
sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, |
sExposeAuthInfo, sRDomain, |
sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, |
sDeprecated, sIgnore, sUnsupported |
sDeprecated, sIgnore, sUnsupported |
} ServerOpCodes; |
} ServerOpCodes; |
|
|
|
|
{ "rsaauthentication", sDeprecated, SSHCFG_ALL }, |
{ "rsaauthentication", sDeprecated, SSHCFG_ALL }, |
{ "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, |
{ "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, |
{ "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, |
{ "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, |
|
{ "pubkeyauthoptions", sPubkeyAuthOptions, SSHCFG_ALL }, |
{ "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ |
{ "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ |
#ifdef KRB5 |
#ifdef KRB5 |
{ "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, |
{ "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, |
|
|
charptr = &options->pubkey_key_types; |
charptr = &options->pubkey_key_types; |
goto parse_keytypes; |
goto parse_keytypes; |
|
|
|
case sPubkeyAuthOptions: |
|
intptr = &options->pubkey_auth_options; |
|
value = 0; |
|
while ((arg = strdelim(&cp)) && *arg != '\0') { |
|
if (strcasecmp(arg, "none") == 0) |
|
continue; |
|
if (strcasecmp(arg, "touch-required") == 0) |
|
value |= PUBKEYAUTH_TOUCH_REQUIRED; |
|
else { |
|
fatal("%s line %d: unsupported " |
|
"PubkeyAuthOptions option %s", |
|
filename, linenum, arg); |
|
} |
|
} |
|
if (*activep && *intptr == -1) |
|
*intptr = value; |
|
break; |
|
|
case sKerberosAuthentication: |
case sKerberosAuthentication: |
intptr = &options->kerberos_authentication; |
intptr = &options->kerberos_authentication; |
goto parse_flag; |
goto parse_flag; |
|
|
M_CP_INTOPT(password_authentication); |
M_CP_INTOPT(password_authentication); |
M_CP_INTOPT(gss_authentication); |
M_CP_INTOPT(gss_authentication); |
M_CP_INTOPT(pubkey_authentication); |
M_CP_INTOPT(pubkey_authentication); |
|
M_CP_INTOPT(pubkey_auth_options); |
M_CP_INTOPT(kerberos_authentication); |
M_CP_INTOPT(kerberos_authentication); |
M_CP_INTOPT(hostbased_authentication); |
M_CP_INTOPT(hostbased_authentication); |
M_CP_INTOPT(hostbased_uses_name_from_packet_only); |
M_CP_INTOPT(hostbased_uses_name_from_packet_only); |
|
|
o->permit_user_env_whitelist); |
o->permit_user_env_whitelist); |
} |
} |
|
|
|
printf("pubkeyauthoptions"); |
|
if (o->pubkey_auth_options == 0) |
|
printf(" none"); |
|
if (o->pubkey_auth_options & PUBKEYAUTH_TOUCH_REQUIRED) |
|
printf(" touch-required"); |
|
printf("\n"); |
} |
} |