From 705499b2483396a76a6e1a1f682b419ee828c242 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 12 Nov 2001 11:05:38 +1100 Subject: [PATCH] - markus@cvs.openbsd.org 2001/11/08 17:49:53 [ssh.1] mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@ --- ChangeLog | 5 ++++- ssh.1 | 11 ++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 85641c48c..a9ec3aee4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -45,6 +45,9 @@ - markus@cvs.openbsd.org 2001/11/08 10:51:08 [readpass.c] don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. + - markus@cvs.openbsd.org 2001/11/08 17:49:53 + [ssh.1] + mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@ 20011109 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) @@ -6854,4 +6857,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1648 2001/11/12 00:05:20 djm Exp $ +$Id: ChangeLog,v 1.1649 2001/11/12 00:05:38 djm Exp $ diff --git a/ssh.1 b/ssh.1 index 404f80bd1..ad3c96023 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.140 2001/10/30 20:29:09 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.141 2001/11/08 17:49:53 markus Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -1389,6 +1389,15 @@ This file provides defaults for those values that are not specified in the user's configuration file, and for those users who do not have a configuration file. This file must be world-readable. +.It Pa /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key +These three files contain the private parts of the host keys +and are used for +.Cm RhostsRSAAuthentication +and +.Cm HostbasedAuthentication . +Since they are readable only by root +.Nm +must be setuid root if these authentication methods are desired. .It Pa $HOME/.rhosts This file is used in .Pa \&.rhosts