On Tue, 2005-01-18 at 22:30 +0100, Igor Bukanov wrote: > On Tue, 18 Jan 2005 11:49:00 -0800, "Jim C." <[EMAIL PROTECTED]> > said: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > | I use ssh port forwarding to connect to a samba server from Windows > > ... > > | ask for any password for shares? > > > > Why not set ssh up for public key auth? Coupled with Samba's own > > encryption, it should be secure enough. ;-) > > I already use public key authentication in ssh and for this reason the > additional password typing is annoyance that can potentially leak > passwords. So I thought that maybe there was a way to start samba from > ssh connection and assume that user already authentificated among the > lines of sftp subsystem in ssh.
Yes, it is possible to construct such a system, but I really doubt it is worth the pain. You would need to construct an auth module that understood that SSH had already authenticated the user, while still using the same username/password on the client as the server (this is important for session key stuff), run smbd as the user initially (which breaks certain behaviours where we become root). On the client, you would need to forward the socket to the SSH process. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
