RE: setuid for "ssh"
- From: "Gavin McDonald" <gavitron@xxxxxxxxx>
- Date: Thu, 29 Dec 2005 23:36:26 -0800
So you are running ssh ver1?
Regards,
Gavin McDonald
========================
EVI Logistic Enterprises
email: me@xxxxxxxxxxxx
phone: (604) 313-3845
_____
From: Sachin Bhugra [mailto:bhugra.sachin@xxxxxxxxx]
Sent: Thursday, December 29, 2005 10:52 PM
To: General Red Hat Linux discussion list
Cc: gavitron@xxxxxxxxx; alan@xxxxxxxxxxxxxx
Subject: Re: setuid for "ssh"
Hi,
I understand that it is dangerous to give root permissions, but the issue is
if you want to use RhostsAuthentication then you need to enable privileged
ports for ssh i.e. UsePrivilegedPorts yes in ssh_config, which requires ssh
to setuid root. Actually thats the way it has been written in man
ssh_config. Here is what it says:
RhostsAuthentication
Specifies whether to try rhosts based authentication. Note that
this declaration only affects the client side and has no effect
whatsoever on security. Most servers do not permit RhostsAuthen-
tication because it is not secure (see RhostsRSAAuthentication).
The argument to this keyword must be "yes" or "no". The default
is "no". This option applies to protocol version 1 only and
requires ssh to be setuid root and UsePrivilegedPort to be set to
"yes".
PS: Also, i am enabling this form of Authentication only for my private
network.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- References:
- Re: setuid for "ssh"
- From: Sachin Bhugra
- Re: setuid for "ssh"
- Prev by Date: Re: setuid for "ssh"
- Next by Date: script with cron not running
- Previous by thread: Re: setuid for "ssh"
- Next by thread: Re: setuid for "ssh"
- Index(es):
Relevant Pages
|
|
