mirror of git://anongit.mindrot.org/openssh.git
- stevesk@cvs.openbsd.org 2002/06/09 22:15:15
[ssh.1] update for no setuid root and ssh-keysign; ok deraadt@
This commit is contained in:
parent
494709decb
commit
5cac423871
|
@ -1,5 +1,9 @@
|
|||
20020611
|
||||
- (bal) ssh-agent.c RCSD fix (|unexpand already done)
|
||||
- (bal) OpenBSD CVS Sync
|
||||
- stevesk@cvs.openbsd.org 2002/06/09 22:15:15
|
||||
[ssh.1]
|
||||
update for no setuid root and ssh-keysign; ok deraadt@
|
||||
|
||||
20020609
|
||||
- (bal) OpenBSD CVS Sync
|
||||
|
@ -865,4 +869,4 @@
|
|||
- (stevesk) entropy.c: typo in debug message
|
||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||
|
||||
$Id: ChangeLog,v 1.2199 2002/06/11 15:42:53 mouring Exp $
|
||||
$Id: ChangeLog,v 1.2200 2002/06/11 15:45:02 mouring Exp $
|
||||
|
|
25
ssh.1
25
ssh.1
|
@ -34,7 +34,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh.1,v 1.154 2002/06/08 05:17:01 markus Exp $
|
||||
.\" $OpenBSD: ssh.1,v 1.155 2002/06/09 22:15:15 stevesk Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH 1
|
||||
.Os
|
||||
|
@ -1105,7 +1105,9 @@ or
|
|||
.Dq no .
|
||||
The default is
|
||||
.Dq yes .
|
||||
This option applies to protocol version 1 only.
|
||||
This option applies to protocol version 1 only and requires
|
||||
.Nm
|
||||
to be setuid root.
|
||||
.It Cm RSAAuthentication
|
||||
Specifies whether to try RSA authentication.
|
||||
The argument to this keyword must be
|
||||
|
@ -1376,9 +1378,23 @@ and are used for
|
|||
.Cm RhostsRSAAuthentication
|
||||
and
|
||||
.Cm HostbasedAuthentication .
|
||||
Since they are readable only by root
|
||||
If the protocol version 1
|
||||
.Cm RhostsRSAAuthentication
|
||||
method is used,
|
||||
.Nm
|
||||
must be setuid root if these authentication methods are desired.
|
||||
must be setuid root, since the host key is readable only by root.
|
||||
For protocol version 2,
|
||||
.Nm
|
||||
uses
|
||||
.Xr ssh-keysign 8
|
||||
to access the host keys for
|
||||
.Cm HostbasedAuthentication .
|
||||
This eliminates the requirement that
|
||||
.Nm
|
||||
be setuid root when that authentication method is used.
|
||||
By default
|
||||
.Nm
|
||||
is not setuid root.
|
||||
.It Pa $HOME/.rhosts
|
||||
This file is used in
|
||||
.Pa \&.rhosts
|
||||
|
@ -1483,6 +1499,7 @@ protocol versions 1.5 and 2.0.
|
|||
.Xr ssh-agent 1 ,
|
||||
.Xr ssh-keygen 1 ,
|
||||
.Xr telnet 1 ,
|
||||
.Xr ssh-keysign 8,
|
||||
.Xr sshd 8
|
||||
.Rs
|
||||
.%A T. Ylonen
|
||||
|
|
Loading…
Reference in New Issue