diff options
| author |   stevesk <stevesk@openbsd.org> | 2002-06-10 17:45:20 +0000 |
|---|---|---|
| committer | stevesk <stevesk@openbsd.org> | 2002-06-10 17:45:20 +0000 |
| commit | db0d93ce683320f443baf0efecc9af682bfcd646 (patch) | |
| tree | 2318dff57effb47359a20f4372a45762c634fbac | |
| parent | no more _NO_WEAK_ALIASES here. (diff) | |
| download | wireguard-openbsd-db0d93ce683320f443baf0efecc9af682bfcd646.tar.xz wireguard-openbsd-db0d93ce683320f443baf0efecc9af682bfcd646.zip | |
change RhostsRSAAuthentication and RhostsAuthentication default to no
since ssh is no longer setuid root by default; ok markus@
| -rw-r--r-- | usr.bin/ssh/readconf.c | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 9 |
2 files changed, 6 insertions, 9 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 7b663310891..a523b1be352 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.98 2002/06/08 12:46:14 markus Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.99 2002/06/10 17:45:20 stevesk Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -814,7 +814,7 @@ fill_default_options(Options * options) if (options->use_privileged_port == -1) options->use_privileged_port = 0; if (options->rhosts_authentication == -1) - options->rhosts_authentication = 1; + options->rhosts_authentication = 0; if (options->rsa_authentication == -1) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) @@ -838,7 +838,7 @@ fill_default_options(Options * options) if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 1; if (options->rhosts_rsa_authentication == -1) - options->rhosts_rsa_authentication = 1; + options->rhosts_rsa_authentication = 0; if (options->hostbased_authentication == -1) options->hostbased_authentication = 0; if (options->batch_mode == -1) diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 49b50c391ea..0f68e7e696b 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.155 2002/06/09 22:15:15 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.156 2002/06/10 17:45:20 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -1083,9 +1083,6 @@ Specifies whether to try rhosts based authentication. Note that this declaration only affects the client side and has no effect whatsoever on security. -Disabling rhosts authentication may reduce -authentication time on slow connections when rhosts authentication is -not used. Most servers do not permit RhostsAuthentication because it is not secure (see .Cm RhostsRSAAuthentication ) . @@ -1094,7 +1091,7 @@ The argument to this keyword must be or .Dq no . The default is -.Dq yes . +.Dq no . This option applies to protocol version 1 only. .It Cm RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA host @@ -1104,7 +1101,7 @@ The argument must be or .Dq no . The default is -.Dq yes . +.Dq no . This option applies to protocol version 1 only and requires .Nm to be setuid root. |