diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2000-12-12 23:11:49 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2000-12-12 23:11:49 +0000 |
| commit | 5876a6d55e98a01896e5f014d16c994fb062b381 (patch) | |
| tree | b48125b8f6232e12606474e47ddb0750d37d6491 /usr.bin | |
| parent | 1a32a6c13236076a6d9b01e3f325c091f9087342 (diff) | |
rhosts-rsa is no longer automagically disabled if ssh is not privileged.
UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
these changes should not change the visible default behaviour of the ssh client.
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 8 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.c | 19 |
2 files changed, 12 insertions, 15 deletions
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 9a4330f5528..fd791200dfb 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.71 2000/12/07 04:24:59 djm Exp $ +.\" $OpenBSD: ssh.1,v 1.72 2000/12/12 23:11:48 markus Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -464,7 +464,8 @@ not permit connections from privileged ports. Note that this option turns off .Cm RhostsAuthentication and -.Cm RhostsRSAAuthentication . +.Cm RhostsRSAAuthentication +for older servers. .It Fl q Quiet mode. Causes all warning and diagnostic messages to be suppressed. @@ -948,7 +949,8 @@ Note that setting this option to turns off .Cm RhostsAuthentication and -.Cm RhostsRSAAuthentication . +.Cm RhostsRSAAuthentication +for older servers. .It Cm User Specifies the user to log in as. This can be useful if you have a different user name on different machines. diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 7c8dd17fffa..845df62b960 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.76 2000/12/12 22:30:01 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.77 2000/12/12 23:11:48 markus Exp $"); #include <openssl/evp.h> #include <openssl/dsa.h> @@ -547,10 +547,9 @@ main(int ac, char **av) /* Disable rhosts authentication if not running as root. */ if (original_effective_uid != 0 || !options.use_privileged_port) { - debug("Rhosts Authentication methods disabled, " + debug("Rhosts Authentication disabled, " "originating port will not be trusted."); options.rhosts_authentication = 0; - options.rhosts_rsa_authentication = 0; } /* * If using rsh has been selected, exec it now (without trying @@ -573,17 +572,13 @@ main(int ac, char **av) /* Restore our superuser privileges. */ restore_uid(); - /* - * Open a connection to the remote host. This needs root privileges - * if rhosts_{rsa_}authentication is enabled. - */ + /* Open a connection to the remote host. */ ok = ssh_connect(host, &hostaddr, options.port, - options.connection_attempts, - !options.rhosts_authentication && - !options.rhosts_rsa_authentication, - original_real_uid, - options.proxy_command); + options.connection_attempts, + original_effective_uid != 0 || !options.use_privileged_port, + original_real_uid, + options.proxy_command); /* * If we successfully made the connection, load the host private key |