PowerShell/Win32-OpenSSH#1065
Fix: In recent sshd architectural changes, post authentication changes that process user specific changes were missing in authenticated sshd worker. Added missing call.
PowerShell/Win32-OpenSSH#1052
Fix: getpwd* functions will now strip off domain of any local user account.
OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
1. Add file permission check when load or add ssh_config, authorized_keys, private keys, host keys,.
2. set the owner and ACE for create secure file, ex, private key in ssh-keygen.exe
3. Update script OpenSSHTestHelper.psm1 to be able to run Install-OpenSSH if the sshd is running on the machine.
4. add OpenSSHBinPath to path.
5. change indents in agentconfig.c
6. update test script to represent the changes
7. Add tests for:
* authorized_keys and ssh-keygen testing
* host keys file perm testing
* user private key file perm testing
* ssh-add test
* user ssh_config
Manoj Ampalam
bagajjal
Yanbing