Allow gss-keyex root login when without-password is set (#2456)

Reported upstream, but applicable also for our gss-keyex patch:
https://bugzilla.mindrot.org/show_bug.cgi?id=2456
This commit is contained in:
Jakub Jelen 2015-09-24 11:23:38 +02:00
parent 6bf47e3d35
commit bf69b47630

View File

@ -2730,3 +2730,15 @@ diff -up openssh-7.1p1/sshkey.h.gsskex openssh-7.1p1/sshkey.h
KEY_UNSPEC
};
diff --git a/auth.c b/auth.c
index 4d1fbbe..5db39c4 100644
--- a/auth.c
+++ b/auth.c
@@ -354,6 +354,7 @@ auth_root_allowed(const char *method)
case PERMIT_NO_PASSWD:
if (strcmp(method, "publickey") == 0 ||
strcmp(method, "hostbased") == 0 ||
+ strcmp(method, "gssapi-keyex") == 0 ||
strcmp(method, "gssapi-with-mic") == 0)
return 1;
break;