Hi All... I've been experimenting with the partial authorization patch for OpenSSH-2.5.2. I'm using CygWin on a Windows 2000 (SP1) box. I noticed a bug in the patch that shows up for CygWin users. The problem is that publickey authentication only works if sshd is running with the same user-id as the ssh client. When I run sshd as a service with a user-id of LocalSystem publickey authentication fails. This is because the check_nt_auth call in userauth-pubkey fails if the ssh user-id is different from the sshd user-id. It looks to me like userauth_pubkey needs to "suspend disbelief" (and not call check_nt_auth and auth_password) for partial authentication, in the hope that a password may come later. Then somewhere check_nt_auth auth_password need to be called to make sure that we don't forget to set the sshd user-id to the ssh user-id. Thanks, ...Karl _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com -- Want to unsubscribe from this list? Check out: http://cygwin.com/ml/#unsubscribe-simple