thr3ads.net - openssh unix dev - RhostsAuthentication? [Nov 2001]

If this information is useful, please help other people find it:
Share via:

Gert Doering

2001-Nov-15 11:18 UTC

RhostsAuthentication?

Hi,

is anybody out there still using RhostsAuthentication?  Can we please
remove it?

I just stumbled over a few sshd_config's set up by colleagues who didn't
bother to understand what they are doing, and since .shosts didn't work
anymore after upgrading to OpenSSH 3, they just enabled RhostsAuth and
voila, back to "working"...

Yes, there is a big warning in the sshd_config, but that doesn't seem to
be enough.

Maybe a compile time option?  "./configure --yes-I-want-rhostauth"?

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at
greenie.muc.de
fax: +49-89-35655025                        gert.doering at
physik.tu-muenchen.de

Markus Friedl

2001-Nov-15 11:22 UTC

head link

RhostsAuthentication?

On Thu, Nov 15, 2001 at 12:18:35PM +0100, Gert Doering
wrote:> is anybody out there still using RhostsAuthentication?  Can we please
> remove it?
i don't think we can remove the code, perhaps just printing a big
WARNING to stderr/syslog if it's enabled or used.

-m

Possibly Parallel Threads

Search for more maybe matching threads

openssh unix dev - Nov 2001 - RhostsAuthentication?

RhostsAuthentication?

RhostsAuthentication?

Possibly Parallel Threads