Subject: crypto/dist/ssh/auth.c integration error?
To: None <>
From: Edgar =?iso-8859-1?B?RnXf?= <>
List: tech-userlevel
Date: 07/09/2007 17:45:21
It appears to me that there was an error while integrating crypto/dist/ssh/auth.c, which says it's derived from OpenBSD's version 1.75

In secure_filename(), starting at line 460 (in the NetBSD version), the function bails out if the home directory does not exist. Then, at line 465, it specifically handles the case of a non-existing home directory.

OpenBSD's version 1.75 simply lacks the block at NetBSD's lines 460-464.

This hit me when I tried to set up public key authentication on a server with no home directories mounted, but AuthorizedKeysFile set to /usr/local/etc/sshd/authorized_keys/%u in sshd_config.

I also notice that the check for account/password expiration that hit me on Friday is not present in the OpenBSD version.