Allow gss-keyex root login when without-password is set (#2456)
Reported upstream, but applicable also for our gss-keyex patch: https://bugzilla.mindrot.org/show_bug.cgi?id=2456
This commit is contained in:
parent
6bf47e3d35
commit
bf69b47630
@ -2730,3 +2730,15 @@ diff -up openssh-7.1p1/sshkey.h.gsskex openssh-7.1p1/sshkey.h
|
||||
KEY_UNSPEC
|
||||
};
|
||||
|
||||
diff --git a/auth.c b/auth.c
|
||||
index 4d1fbbe..5db39c4 100644
|
||||
--- a/auth.c
|
||||
+++ b/auth.c
|
||||
@@ -354,6 +354,7 @@ auth_root_allowed(const char *method)
|
||||
case PERMIT_NO_PASSWD:
|
||||
if (strcmp(method, "publickey") == 0 ||
|
||||
strcmp(method, "hostbased") == 0 ||
|
||||
+ strcmp(method, "gssapi-keyex") == 0 ||
|
||||
strcmp(method, "gssapi-with-mic") == 0)
|
||||
return 1;
|
||||
break;
|
||||
|
Loading…
Reference in New Issue
Block a user