Date: Wed, 15 Aug 2001 16:21:32 +0000 From: Olafur Osvaldsson <oli@isnic.is> To: freebsd-hackers@freebsd.org Subject: ssh and setuid Message-ID: <20010815162132.J70497@isnic.is>
next in thread | raw e-mail | index | archive | help
Hi,
I'm using 4.3-STABLE since Jul 18.
I have been trying to figure out why I was unable to use RhostsRSAAuthentication
between my servers even when it was enabled in sshd_config.
After looking at sshd.c I noticed the following at line 1061:
if (remote_port >= IPPORT_RESERVED ||
remote_port < IPPORT_RESERVED / 2) {
options.rhosts_authentication = 0;
options.rhosts_rsa_authentication = 0;
}
As the ssh in FreeBSD is by default not setuid it uses a higher than privileged
port for connecting so obviously that is the reason for my troubles.
Wouldn't it be better to only disable rhosts_authentication instead of disabling
both when the port is not privileged or atleast have this as an option in
make.conf for those that want this option without setting the setuid bit on ssh?
Please excuse me if this is not the correct media for this question.
Oli
--
Olafur Osvaldsson
Systems Administrator
Internet Iceland inc.
Tel: +354 525-5291
Email: oli@isnic.is
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010815162132.J70497>