thr3ads.net - openssh unix dev - change in rhosts-rsa behavior [Apr 2001]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Michael Stone

2001-Apr-24 13:13 UTC

change in rhosts-rsa behavior

Can anyone remind me of the reason for breaking the rhosts-rsa protcol
(by not using a privilaged port by default)?

-- 
Mike Stone

Markus Friedl

2001-Apr-24 13:40 UTC

head link

change in rhosts-rsa behavior

On Tue, Apr 24, 2001 at 09:13:46AM -0400, Michael Stone
wrote:> Can anyone remind me of the reason for breaking the rhosts-rsa protcol
> (by not using a privilaged port by default)?
it's a requirement from the obsolete rlogin protocol.

it does not provide additional security.

it is not required for protocol version 2.

privileged ports require setuid root and cause problems.

openssh's sshd does not require this.

you can always force the client to allocate privileged ports.

Maybe Matching Threads

Rhosts-RSA authentication broken
rsh/rlogin on CentOS4.2
AIX SSH 2.x ssh and /etc/ftpusers rcp rlogin WRONG !
Rhosts Authentication broken in 3.4.p1???
hosts.equiv and .rhosts

Search for more maybe matching threads

openssh unix dev - Apr 2001 - change in rhosts-rsa behavior

change in rhosts-rsa behavior

change in rhosts-rsa behavior

Maybe Matching Threads