Date: Tue, 21 Jul 1998 17:03:32 GMT From: ark@eltex.ru To: sthaug@nethelp.no Cc: netadmin@fastnet.co.uk, security@FreeBSD.ORG Subject: Re: Ssh vsprintf (was the lame whoose-language is better war) Message-ID: <199807211703.RAA16737@paranoid.eltex.spb.ru> In-Reply-To: <14723.901021972@verdi.nethelp.no> from "sthaug@nethelp.no"
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- nuqneH, sthaug@nethelp.no said : > > | AFAIR it is _client_ that needs root to initiate connection from a > > | privileged port. Mandatory for .rhosts authentication. > > > > Yeh your right.. > > But most of the time when you use SSH you don't *need* .rhosts type > "authentication" - because you're using RSA authentication or password > over an encrypted channel. > > If you don't need .rhosts "authentication", it's a good idea to turn > off setuid root for the ssh client. afair RSArhosts needs privileged port as well.. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNbTJ4qH/mIJW9LeBAQH9sgP5ASi2tYY0Qbp2GUxl3MMLE1/MgBIjti0d /ypgW0eVAbp0K5Nr0ZAVdZKzP4QNxq9IIxBDJDoa1YRd3hvdfEUUyZuyl4JWdNcE aE2xuyJR63O0SPFWFLaqRzcs7ZSy9qcPz9qsf+fzUMLwaNjUpRS1avOC5sOjdt3F 1Vv5OM5iOOg= =cF4h -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807211703.RAA16737>