From bb969edb07119ed54c636e5d80ccbed68e2acd39 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Thu, 22 Nov 2012 18:04:30 +0100 Subject: SSH: Reject requests for authorized keys of root https://fedorahosted.org/sssd/ticket/1687 --- src/responder/ssh/sshsrv_cmd.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/responder/ssh') diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c index 7de523fa..687e8887 100644 --- a/src/responder/ssh/sshsrv_cmd.c +++ b/src/responder/ssh/sshsrv_cmd.c @@ -65,6 +65,11 @@ sss_ssh_cmd_get_user_pubkeys(struct cli_ctx *cctx) ("Requesting SSH user public keys for [%s] from [%s]\n", cmd_ctx->name, cmd_ctx->domname ? cmd_ctx->domname : "")); + if (strcmp(cmd_ctx->name, "root") == 0) { + ret = ENOENT; + goto done; + } + if (cmd_ctx->domname) { cmd_ctx->domain = responder_get_domain(cmd_ctx, cctx->rctx, cmd_ctx->domname); -- cgit