mirror of git://anongit.mindrot.org/openssh.git
- stevesk@cvs.openbsd.org 2002/06/10 17:45:20
[readconf.c ssh.1] change RhostsRSAAuthentication and RhostsAuthentication default to no since ssh is no longer setuid root by default; ok markus@
This commit is contained in:
parent
1775c9c97a
commit
2bf8276393
|
@ -17,6 +17,10 @@
|
|||
[ssh-add.1 ssh-add.c]
|
||||
use convtime() to parse and validate key lifetime. can now
|
||||
use '-t 2h' etc. ok markus@ provos@
|
||||
- stevesk@cvs.openbsd.org 2002/06/10 17:45:20
|
||||
[readconf.c ssh.1]
|
||||
change RhostsRSAAuthentication and RhostsAuthentication default to no
|
||||
since ssh is no longer setuid root by default; ok markus@
|
||||
|
||||
20020609
|
||||
- (bal) OpenBSD CVS Sync
|
||||
|
@ -882,4 +886,4 @@
|
|||
- (stevesk) entropy.c: typo in debug message
|
||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||
|
||||
$Id: ChangeLog,v 1.2204 2002/06/11 15:51:54 mouring Exp $
|
||||
$Id: ChangeLog,v 1.2205 2002/06/11 15:53:05 mouring Exp $
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: readconf.c,v 1.98 2002/06/08 12:46:14 markus Exp $");
|
||||
RCSID("$OpenBSD: readconf.c,v 1.99 2002/06/10 17:45:20 stevesk Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "xmalloc.h"
|
||||
|
@ -816,7 +816,7 @@ fill_default_options(Options * options)
|
|||
if (options->use_privileged_port == -1)
|
||||
options->use_privileged_port = 0;
|
||||
if (options->rhosts_authentication == -1)
|
||||
options->rhosts_authentication = 1;
|
||||
options->rhosts_authentication = 0;
|
||||
if (options->rsa_authentication == -1)
|
||||
options->rsa_authentication = 1;
|
||||
if (options->pubkey_authentication == -1)
|
||||
|
@ -840,7 +840,7 @@ fill_default_options(Options * options)
|
|||
if (options->kbd_interactive_authentication == -1)
|
||||
options->kbd_interactive_authentication = 1;
|
||||
if (options->rhosts_rsa_authentication == -1)
|
||||
options->rhosts_rsa_authentication = 1;
|
||||
options->rhosts_rsa_authentication = 0;
|
||||
if (options->hostbased_authentication == -1)
|
||||
options->hostbased_authentication = 0;
|
||||
if (options->batch_mode == -1)
|
||||
|
|
9
ssh.1
9
ssh.1
|
@ -34,7 +34,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh.1,v 1.155 2002/06/09 22:15:15 stevesk Exp $
|
||||
.\" $OpenBSD: ssh.1,v 1.156 2002/06/10 17:45:20 stevesk Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH 1
|
||||
.Os
|
||||
|
@ -1083,9 +1083,6 @@ Specifies whether to try rhosts based authentication.
|
|||
Note that this
|
||||
declaration only affects the client side and has no effect whatsoever
|
||||
on security.
|
||||
Disabling rhosts authentication may reduce
|
||||
authentication time on slow connections when rhosts authentication is
|
||||
not used.
|
||||
Most servers do not permit RhostsAuthentication because it
|
||||
is not secure (see
|
||||
.Cm RhostsRSAAuthentication ) .
|
||||
|
@ -1094,7 +1091,7 @@ The argument to this keyword must be
|
|||
or
|
||||
.Dq no .
|
||||
The default is
|
||||
.Dq yes .
|
||||
.Dq no .
|
||||
This option applies to protocol version 1 only.
|
||||
.It Cm RhostsRSAAuthentication
|
||||
Specifies whether to try rhosts based authentication with RSA host
|
||||
|
@ -1104,7 +1101,7 @@ The argument must be
|
|||
or
|
||||
.Dq no .
|
||||
The default is
|
||||
.Dq yes .
|
||||
.Dq no .
|
||||
This option applies to protocol version 1 only and requires
|
||||
.Nm
|
||||
to be setuid root.
|
||||
|
|
Loading…
Reference in New Issue