enhanced SSHAuth plugin for pGina
Please note: This plugin will only work on Windows NT4/2000/XP.
It was used in various student labs I managed at the Dresden University of Technology from 2006 until 2014, when they switched to Windows 7.
This is an enhanced version of Ahmed Obied‘s SSHAuth plugin for pGina 2.x – an alternative open source Windows logon screen which is far more flexible than the original Windows one.
additional features to Ahmed’s version:
SSH keyboard-interactive authentication
optional: determine user’s full name based on a given command that is remotely executed on SSH server and its output is redirected to pGina, so that the full name appears in user’s description on your Windows machine or even on your Windows Server in Active Directory automagically
optional: ability to execute an arbitrary command on remote SSH server
optional: save output of the remote command to a local file
enhanced configuration dialog
Makefile for MS C++ compiler
Motivation:
Many SSH servers – especially OpenSSH servers – have password-authentication disabled. So the original plugin is not working with those servers. And sometimes it is useul to execute a command on the remote during the login process – e.g. to find out user’s quota on remote server. Then it is also useful to store the output of the command to a file. This way you can evaluate this file in the windows logon script and give the user a response if he exceeded his quota. I added a Makefile for easy building on the command prompt, because I don’t like the bloated Visual Studio (Express) – I used the free C++ compiler included in Microsoft Windows Software Development Kit, PSPad as Source-Code-Editor and ResEdit as Resource-Editor – both small, fast and free programs.
Testing:
This plugin was successfully tested against the following servers and SSH versions:
| ssh -V | uname |
|---|---|
| OpenSSH_4.3p2, OpenSSL 0.9.8a | WindowsNT 0 5 x86 |
| OpenSSH_4.2p1+sftplogging-v1.4, OpenSSL 0.9.7b | Linux 2.4.25 i686 athlon i386 GNU/Linux |
| OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7b | Linux 2.4.25 i686 athlon i386 GNU/Linux |
| OpenSSH_3.9p1, OpenSSL 0.9.7d | Linux 2.6.11.11 SMP i686 i686 i386 GNU/Linux |
| OpenSSH_4.1p1, OpenSSL 0.9.7g | Linux 2.6.21.1 SMP i686 i686 i386 GNU/Linux |
| OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e | Linux 2.6.0 i686 GNU/Linux |
| SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f) | NetBSD 1.4.3 NetBSD 1.4.3 sparc |
| OpenSSH_2.5.1 NetBSD_Secure_Shell, SSH protocols 1.5/2.0, OpenSSL 0x0090581f | NetBSD 1.5.2 NetBSD 1.5.2 i386 |
| OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c | SunOS 5.6 sun4u sparc SUNW,Ultra-1 |
| SSH Secure Shell 3.2.3 (non-commercial version) | SunOS 5.8 sun4u sparc SUNW,Ultra-2 |
| SSH Secure Shell 3.2.0 (non-commercial version) | OSF1 V5.0 910 alpha |
| SSH Secure Shell 3.2.3 (non-commercial version) | AIX 3 4 powerpc |
| OpenSSH_4.2p1, OpenSSL 0.9.8a | Linux 2.6.16.53 SMP x86_64 x86_64 x86_64 GNU/Linux |
| OpenSSH_4.6p1, OpenSSL 0.9.8e | Linux 2.6.22.19-0.2-default SMP i686 athlon i386 GNU/Linux |
| OpenSSH_4.6p1, OpenSSL 0.9.8e | Linux 2.6.28.7 i686 athlon i386 GNU/Linux |
So it should work with any SSH server …
Screenshots:
Download:
Download source and DLL (614 kB) This ZIP file contains both the source code and a compiled DLL.
License:
Copyright © 2005-2006 Ahmed Obied
Copyright © 2007-2008 Stefan Liehmann
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.