Thanks for this, but I was actually after more. I was looking for "full
intergration" for SecurID into SSH2. This would include a modified
client to support "New PIN" and "Next Code", and all this for the Win32
client.
The trick as I can see is getting the ssh2 client & server talking to
each other when a "new PIN" or "next code" is required. Adding to this
is the fact that I'd have to do this for the Win32 client as well.
Brian
"Zbiegiel, Piotr" wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Here is the patch that I generated from my SecurID-enabled SSH2.
> Basically I didn't need to write any new code. I took Mr.
> McKillican's code for SecurID support in ssh1 and massaged it to work
> with ssh2.
>
> Important changes: I took out the /etc/securid.users file check
> because we did not require it here. It should be pretty easy to put
> back in if you really need it.
>
> I build this with the ACE 4.0 Server and Agents and SSH 2.0.13.
>
> The file that needs patching is: ssh-2.0.13/apps/ssh/auths-passwd.c
>
> Requirements:
>
> You need to configure ssh with:
>
> --with-securid=/path/to/ACE/header/files
>
> After the build, you must define the following environment variables
> before executing sshd:
>
> VAR_ACE=/data/dir/in/ACE/install
> USR_ACE=/prog/dir/in/ACE/install
>
> I put these in the sshd2 startup script.
>
> Let me reiterate:
>
> 1. I built this using the ACE 4.0 Server and clients and SSH version
> 2.0.13. I don't know if this works with previous versions of ACE
> and/or SSH. Your mileage may vary!
>
> 2. Make sure you give the correct path to the --with-securid option
>
> 3. Make sure you define the environment variables above BEFORE
> running sshd2
>
> I provide no guarantees for this code. It works in my particular
> situation. Hope that helps out.
>
> Later,
>
> Piotr T Zbiegiel
>
> - -------------------------------------
> Note: When you are instructed to press RETURN, pressing ENTER will
> have the same effect.
>
> - -----Original Message-----
> From: Berk, David
> Sent: Tuesday, May 23, 2000 9:30 AM
> To: Zbiegiel, Piotr
> Subject: FW: Any luck with SSH2 and SecurID?
>
> - -----Original Message-----
> From: Brian Miller [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 23, 2000 12:20 AM
> To: [EMAIL PROTECTED]
> Subject: Any luck with SSH2 and SecurID?
>
> David,
>
> I saw that you asked the question on the SSH mail list about getting
> SSH2 & SecurID working together.
>
> Have you had any luck? I have also compiled SSH2 with the
> - --with-securid=/opt/ace option, but can't get it to work.
>
> Brian
> - --
> - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> - -=
> Brian Miller Telstra
> WAN Products 30/242 Exhibition Street
> Network & Technology Group Melbourne, VIC 3000
> [EMAIL PROTECTED] Australia
> - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> - -=
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Personal Privacy 6.5.3
>
> iQA/AwUBOSq4yZ/4v7tSKIzLEQJN3QCfVTbJRcDoJ1tqdOmWjewu7T+vq7MAoKSo
> DFmPH7MyaEU3zsb0QDRZ9vT0
> =5Lx6
> -----END PGP SIGNATURE-----
>
> ------------------------------------------------------------------------
> Name: ssh-2.0.13.securid.patch
> ssh-2.0.13.securid.patch Type: unspecified type (application/octet-stream)
> Encoding: quoted-printable
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Brian Miller Telstra
WAN Products 30/242 Exhibition Street
Network & Technology Group Melbourne, VIC 3000
[EMAIL PROTECTED] Australia
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
