openssh-unix-dev May 2011 archive

Re: backdoor by authorized_keys2 leftovers

From: Daniel Kahn Gillmor <dkg_at_nospam>
Date: Sun May 15 2011 - 16:43:12 GMT
To: "openssh-unix-dev@mindrot.org" <openssh-unix-dev@mindrot.org>

On 05/14/2011 06:28 PM, Damien Miller wrote:
> Index: sshd_config.5
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/sshd_config.5,v
> retrieving revision 1.131
> diff -u -p -r1.131 sshd_config.5
> --- sshd_config.5 8 Dec 2010 04:02:47 -0000 1.131
> +++ sshd_config.5 13 May 2011 12:22:19 -0000
> @@ -170,6 +170,10 @@ is taken to be an absolute path or one r
> directory.
> The default is
> .Dq .ssh/authorized_keys .
> +Multiple files may be listed, either on a single line separated by
> +whitespace or on additional
> +.Cm AuthorizedKeysFile
> +lines.
> .It Cm AuthorizedPrincipalsFile
> Specifies a file that lists principal names that are accepted for
> certificate authentication.
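
Review bot: The added sentence in this hunk does not say how an AuthorizedKeysFile line inside a Match block combines with lines in the global section (whether it replaces the list built up outside the block or is appended to it), nor whether every listed file is consulted or only the first one found; since "Multiple files may be listed ... on additional .Cm AuthorizedKeysFile lines." now makes the directive accumulate, one more sentence after "lines." stating both behaviours would remove the ambiguity.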

It seems somewhat unclear how AuthorizedKeysFile interacts with a Match
clause.

If the following makes an array of two authorizedkeysfiles:

 AuthorizedKeysFile foo
 AuthorizedKeysFile bar

then what does this mean for user X:

 AuthorizedKeysFile foo
 Match user x
  AuthorizedKeysFile bar

Is it worth explicitly stating that, for a matching connection, setting
an AuthorizedKeysFile within a Match block explicitly removes all other
AuthorizedKeysFile settings *not* in that match block?

        --dkg
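
Added example, not code from the thread or from OpenSSH: given an sshd_config, list every AuthorizedKeysFile path named in the global section and every one named in a Match block that can apply to a user, with %h/%u expanded, so an audit for leftover authorized_keys2 files covers each file sshd might consult. The sample config is constructed, and Match criteria other than User are not evaluated (their blocks are kept conservatively); which of the two lists sshd actually uses for a matching connection is left open, as in the question above.

```python
import fnmatch
import os

# Constructed sshd_config fragment modelled on the thread's example (not a real host's config).
SAMPLE_CONFIG = """\
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
AuthorizedKeysFile %h/.ssh/extra_keys
Match User x
    AuthorizedKeysFile /etc/ssh/keys/%u
Match Group wheel
    AuthorizedKeysFile /etc/ssh/admin_keys
"""


def expand(path, user, home):
    """Expand the %h, %u and %% tokens sshd accepts in AuthorizedKeysFile.
    A relative path is taken relative to the user's home directory."""
    path = (path.replace("%%", "\0").replace("%h", home)
                .replace("%u", user).replace("\0", "%"))
    return path if path.startswith("/") else os.path.join(home, path)


def user_matches(criteria, user):
    """True if every 'User' criterion of a Match line accepts `user`.
    Other criteria (Group, Address, ...) depend on the live connection and are
    not evaluated here, so their blocks are kept for a conservative audit."""
    for key, pats in zip(criteria[::2], criteria[1::2]):
        if key.lower() == "user" and not any(
                fnmatch.fnmatchcase(user, p) for p in pats.split(",")):
            return False
    return True


def authorized_keys_paths(config_text, user, home):
    """Return (global_paths, match_paths): expanded AuthorizedKeysFile paths from
    the global section, and from Match blocks that can apply to `user`.
    The two lists are reported separately rather than merged."""
    global_paths, match_paths, in_match, applicable = [], [], False, True
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # sshd only treats whole-line '#' as a comment
            continue
        key, *args = line.split()
        key = key.lower()
        if key == "match":
            in_match, applicable = True, user_matches(args, user)
        elif key == "authorizedkeysfile" and (not in_match or applicable):
            (match_paths if in_match else global_paths).extend(
                expand(p, user, home) for p in args)
    return global_paths, match_paths


if __name__ == "__main__":
    g, m = authorized_keys_paths(SAMPLE_CONFIG, "x", "/home/x")
    print("global:", g)
    print("match :", m)
```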

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev