Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Blank username?
Skip to first unread message
Alexander Lamaison
Apr 1, 2013, 8:56:35 PM4/1/13
to
A user has asked us to support public-key login without a username.
Does the spec allow a blank username for SSH auth?
I can't find anything expressly forbidding it, but neither can I find
mention anywhere of anyone actually doing it.
Thanks,
Alex
--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
Does the spec allow a blank username for SSH auth?
I can't find anything expressly forbidding it, but neither can I find
mention anywhere of anyone actually doing it.
Thanks,
Alex
--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
Wolfgang Meiners
Apr 2, 2013, 6:09:24 AM4/2/13
to
Am 02.04.13 02:56, schrieb Alexander Lamaison:
ssh remote
then ssh tries to connect you to user1@remote. And if there is a public
key in the remote /home/user1/.ssh/authorized_keys file corresponding to
the private key of user1 at local then this key will be used in a
default configuration of sshd.
In a more complicated setup user1 at local migth have a section
Host myHost
Hostname a_valid_host
User me
IdentityFile ~/.ssh/my_secret_key
in his ~/.ssh/config.
Then
ssh myHost
will be the same as
ssh -i ~/.ssh/my_secret_key me@a_valid_host
Maybe you should read man ssh_config for more information.
Hope this helps
Wolfgang
> A user has asked us to support public-key login without a username.
> Does the spec allow a blank username for SSH auth?
>
> I can't find anything expressly forbidding it, but neither can I find
> mention anywhere of anyone actually doing it.
>
> Thanks,
>
> Alex
>
The simplest case is you are user1 at local and type
> Does the spec allow a blank username for SSH auth?
>
> I can't find anything expressly forbidding it, but neither can I find
> mention anywhere of anyone actually doing it.
>
> Thanks,
>
> Alex
>
ssh remote
then ssh tries to connect you to user1@remote. And if there is a public
key in the remote /home/user1/.ssh/authorized_keys file corresponding to
the private key of user1 at local then this key will be used in a
default configuration of sshd.
In a more complicated setup user1 at local migth have a section
Host myHost
Hostname a_valid_host
User me
IdentityFile ~/.ssh/my_secret_key
in his ~/.ssh/config.
Then
ssh myHost
will be the same as
ssh -i ~/.ssh/my_secret_key me@a_valid_host
Maybe you should read man ssh_config for more information.
Hope this helps
Wolfgang
Alexander Lamaison
Apr 2, 2013, 3:10:24 PM4/2/13
to
Wolfgang Meiners <Wolfgang...@web.de> writes:
> Am 02.04.13 02:56, schrieb Alexander Lamaison:
>> A user has asked us to support public-key login without a username.
>> Does the spec allow a blank username for SSH auth?
>>
>> I can't find anything expressly forbidding it, but neither can I find
>> mention anywhere of anyone actually doing it.
>>
>> Thanks,
>>
>> Alex
>>
>
> The simplest case is you are user1 at local and type
> ssh remote
> then ssh tries to connect you to user1@remote. And if there is a public
> key in the remote /home/user1/.ssh/authorized_keys file corresponding to
> the private key of user1 at local then this key will be used in a
> default configuration of sshd.
snip
> Am 02.04.13 02:56, schrieb Alexander Lamaison:
>> A user has asked us to support public-key login without a username.
>> Does the spec allow a blank username for SSH auth?
>>
>> I can't find anything expressly forbidding it, but neither can I find
>> mention anywhere of anyone actually doing it.
>>
>> Thanks,
>>
>> Alex
>>
>
> The simplest case is you are user1 at local and type
> ssh remote
> then ssh tries to connect you to user1@remote. And if there is a public
> key in the remote /home/user1/.ssh/authorized_keys file corresponding to
> the private key of user1 at local then this key will be used in a
> default configuration of sshd.
> Maybe you should read man ssh_config for more information.
client does if you don't specify a username. Swish *is* an SSH (SFTP)
client and our user is asking us to make it support pubkey auth without
a username.
I wasn't aware that was possible, though I can't find anything expressly
forbidding it in the spec. I'm double-checking I'm not missing
something.
Richard E. Silverman
Apr 16, 2013, 9:21:07 PM4/16/13
to
Alexander Lamaison <aw...@doc.ic.ac.uk> writes:
> A user has asked us to support public-key login without a username.
> Does the spec allow a blank username for SSH auth?
>
> I can't find anything expressly forbidding it, but neither can I find
> mention anywhere of anyone actually doing it.
>
> Thanks,
>
> Alex
The userauth spec (RFC 4252) for publickey authentication requires there
> A user has asked us to support public-key login without a username.
> Does the spec allow a blank username for SSH auth?
>
> I can't find anything expressly forbidding it, but neither can I find
> mention anywhere of anyone actually doing it.
>
> Thanks,
>
> Alex
to be a "user name" field in the request; however, there is nothing
preventing a client from sending an empty or otherwise meaningless
string, if the server can be configured to map the public key to a
particular remote account in some way. Normally the client specifies
which account it wants to access with the username field.
- Richard
0 new messages