diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 1999-11-11 22:58:40 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 1999-11-11 22:58:40 +0000 |
| commit | 60d81ea24be4e04ee33496f2cb2e3f96f8ae2c32 (patch) | |
| tree | a5c4c826ebf59a356df309188208575df187b0dc | |
| parent | 0ca57a9a9e8a83c9582b41197d55c27e30a58264 (diff) | |
IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok deraadt,millert
| -rw-r--r-- | usr.bin/ssh/auth-rh-rsa.c | 19 | ||||
| -rw-r--r-- | usr.bin/ssh/servconf.c | 16 | ||||
| -rw-r--r-- | usr.bin/ssh/servconf.h | 3 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.h | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.8 | 11 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.c | 7 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd_config | 2 |
7 files changed, 40 insertions, 23 deletions
diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c index 66abac5527f..7da5192143f 100644 --- a/usr.bin/ssh/auth-rh-rsa.c +++ b/usr.bin/ssh/auth-rh-rsa.c @@ -15,22 +15,22 @@ authentication. */ #include "includes.h" -RCSID("$Id: auth-rh-rsa.c,v 1.3 1999/11/09 23:09:58 markus Exp $"); +RCSID("$Id: auth-rh-rsa.c,v 1.4 1999/11/11 22:58:38 markus Exp $"); #include "packet.h" #include "ssh.h" #include "xmalloc.h" #include "uidswap.h" +#include "servconf.h" /* Tries to authenticate the user using the .rhosts file and the host using - its host key. Returns true if authentication succeeds. - .rhosts and .shosts will be ignored if ignore_rhosts is non-zero. */ + its host key. Returns true if authentication succeeds. */ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, unsigned int client_host_key_bits, - BIGNUM *client_host_key_e, BIGNUM *client_host_key_n, - int ignore_rhosts, int strict_modes) + BIGNUM *client_host_key_e, BIGNUM *client_host_key_n) { + extern ServerOptions options; const char *canonical_hostname; HostStatus host_status; BIGNUM *ke, *kn; @@ -38,7 +38,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, debug("Trying rhosts with RSA host authentication for %.100s", client_user); /* Check if we would accept it using rhosts authentication. */ - if (!auth_rhosts(pw, client_user, ignore_rhosts, strict_modes)) + if (!auth_rhosts(pw, client_user, options.ignore_rhosts, options.strict_modes)) return 0; canonical_hostname = get_canonical_hostname(); @@ -53,13 +53,14 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, client_host_key_bits, client_host_key_e, client_host_key_n, ke, kn); - /* Check user host file. */ - if (host_status != HOST_OK) { + + /* Check user host file unless ignored. */ + if (host_status != HOST_OK && !options.ignore_user_known_hosts) { struct stat st; char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid); /* Check file permissions of SSH_USER_HOSTFILE, auth_rsa() did already check pw->pw_dir, but there is a race XXX */ - if (strict_modes && + if (options.strict_modes && (stat(user_hostfile, &st) == 0) && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index d7d6675bad6..97dd45049e9 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -12,7 +12,7 @@ Created: Mon Aug 21 15:48:58 1995 ylo */ #include "includes.h" -RCSID("$Id: servconf.c,v 1.20 1999/11/10 23:36:44 markus Exp $"); +RCSID("$Id: servconf.c,v 1.21 1999/11/11 22:58:38 markus Exp $"); #include "ssh.h" #include "servconf.h" @@ -31,6 +31,7 @@ void initialize_server_options(ServerOptions *options) options->key_regeneration_time = -1; options->permit_root_login = -1; options->ignore_rhosts = -1; + options->ignore_user_known_hosts = -1; options->print_motd = -1; options->check_mail = -1; options->x11_forwarding = -1; @@ -88,6 +89,8 @@ void fill_default_server_options(ServerOptions *options) options->permit_root_login = 1; /* yes */ if (options->ignore_rhosts == -1) options->ignore_rhosts = 0; + if (options->ignore_user_known_hosts == -1) + options->ignore_user_known_hosts = 0; if (options->check_mail == -1) options->check_mail = 0; if (options->print_motd == -1) @@ -156,8 +159,8 @@ typedef enum sPasswordAuthentication, sListenAddress, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, - sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups - + sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sIgnoreUserKnownHosts } ServerOpCodes; /* Textual representation of the tokens. */ @@ -195,6 +198,7 @@ static struct { "listenaddress", sListenAddress }, { "printmotd", sPrintMotd }, { "ignorerhosts", sIgnoreRhosts }, + { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, { "x11forwarding", sX11Forwarding }, { "x11displayoffset", sX11DisplayOffset }, { "strictmodes", sStrictModes }, @@ -402,7 +406,11 @@ void read_server_config(ServerOptions *options, const char *filename) if (*intptr == -1) *intptr = value; break; - + + case sIgnoreUserKnownHosts: + intptr = &options->ignore_user_known_hosts; + goto parse_int; + case sRhostsAuthentication: intptr = &options->rhosts_authentication; goto parse_flag; diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h index 8a1b429dbf9..721ce7decf3 100644 --- a/usr.bin/ssh/servconf.h +++ b/usr.bin/ssh/servconf.h @@ -13,7 +13,7 @@ Definitions for server configuration data and for the functions reading it. */ -/* RCSID("$Id: servconf.h,v 1.11 1999/11/10 23:36:44 markus Exp $"); */ +/* RCSID("$Id: servconf.h,v 1.12 1999/11/11 22:58:38 markus Exp $"); */ #ifndef SERVCONF_H #define SERVCONF_H @@ -33,6 +33,7 @@ typedef struct int key_regeneration_time; /* Server key lifetime (seconds). */ int permit_root_login; /* If true, permit root login. */ int ignore_rhosts; /* Ignore .rhosts and .shosts. */ + int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */ int print_motd; /* If true, print /etc/motd. */ int check_mail; /* If true, check for new mail. */ int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h index 13fd5759f93..d6002aa11bd 100644 --- a/usr.bin/ssh/ssh.h +++ b/usr.bin/ssh/ssh.h @@ -13,7 +13,7 @@ Generic header file for ssh. */ -/* RCSID("$Id: ssh.h,v 1.18 1999/11/10 23:36:44 markus Exp $"); */ +/* RCSID("$Id: ssh.h,v 1.19 1999/11/11 22:58:38 markus Exp $"); */ #ifndef SSH_H #define SSH_H @@ -317,8 +317,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user, its host key. Returns true if authentication succeeds. */ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, unsigned int bits, BIGNUM *client_host_key_e, - BIGNUM *client_host_key_n, int ignore_rhosts, - int strict_modes); + BIGNUM *client_host_key_n); /* Tries to authenticate the user using password. Returns true if authentication succeeds. */ diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8 index 2cad5256b58..f23fff3ca09 100644 --- a/usr.bin/ssh/sshd.8 +++ b/usr.bin/ssh/sshd.8 @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 21:55:14 1995 ylo .\" -.\" $Id: sshd.8,v 1.23 1999/11/10 23:36:45 markus Exp $ +.\" $Id: sshd.8,v 1.24 1999/11/11 22:58:39 markus Exp $ .\" .Dd September 25, 1999 .Dt SSHD 8 @@ -245,6 +245,15 @@ and .Pa /etc/shosts.equiv are still used. The default is .Dq no . +.It Cm IgnoreUserKnownHosts +Specifies whether +.Nm +should ignore the user's +.Pa $HOME/.ssh/known_hosts +during +.Cm RhostsRSAAuthentication . +The default is +.Dq no . .It Cm KeepAlive Specifies whether the system should send keepalive messages to the other side. If they are sent, death of the connection or crash of one diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 55c312a1a93..d5e00c328c3 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.49 1999/11/11 15:23:14 markus Exp $"); +RCSID("$Id: sshd.c,v 1.50 1999/11/11 22:58:39 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -1254,11 +1254,8 @@ do_authentication(char *user, int privileged_port) packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type); } - /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ if (auth_rhosts_rsa(pw, client_user, - client_host_key_bits, client_host_key_e, - client_host_key_n, options.ignore_rhosts, - options.strict_modes)) + client_host_key_bits, client_host_key_e, client_host_key_n)) { /* Authentication accepted. */ authenticated = 1; diff --git a/usr.bin/ssh/sshd_config b/usr.bin/ssh/sshd_config index 3430c1c6e9b..6799088c713 100644 --- a/usr.bin/ssh/sshd_config +++ b/usr.bin/ssh/sshd_config @@ -10,6 +10,8 @@ PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 |