Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 23 May 2001 13:47:09 -0400
From:      Jim Mock <jim@FreeBSD.org>
To:        doc@FreeBSD.org
Subject:   Updated patch (was Re: 4.3R and ssh problems)
Message-ID:  <20010523134708.C8824@cartman.bos.geekhouse.net>
index | next in thread | raw e-mail 

[-- Attachment #1 --]
The latest patch for FAQ is attached.

- jim

-- 
- jim mock <jim@compete.com>      www.compete.com - jim@FreeBSD.org -
- senior systems administrator - Compete, Inc. - ph: 1.617.867.7035 -

[-- Attachment #2 --]
Index: book.sgml
===================================================================
RCS file: /home/ncvs/doc/en_US.ISO_8859-1/books/faq/book.sgml,v
retrieving revision 1.204
diff -u -r1.204 book.sgml
--- book.sgml	2001/05/22 17:33:26	1.204
+++ book.sgml	2001/05/23 17:44:19
@@ -7290,6 +7290,43 @@
             securelevel</link> and the &man.init.8; manual page.</para>
         </answer>
       </qandaentry>
+
+      <qandaentry>
+        <question id="ssh-shosts">
+	  <para>Why doesn't SSH authentication through
+	    <filename>.shosts</filename> work by default in recent
+	    versions of FreeBSD?</para>
+	</question>
+
+	<answer>
+	  <para>The reason why <filename>.shosts</filename>
+	    authentication does not work by default in more recent
+	    versions of FreeBSD is because <application>ssh</application>
+	    is not installed suid root by default.  To
+	    <quote>fix</quote> this, you can do one of the
+	    following:</para>
+
+	  <itemizedlist>
+	    <listitem>
+	      <para>As a permanent fix, set
+		<makevar>ENABLE_SUID_SSH</makevar> to <literal>true</literal>
+		in <filename>/etc/make.conf</filename> and rebuild ssh
+		(or run <command>make world</command>).</para>
+	    </listitem>
+
+	    <listitem>
+	      <para>As a temporary fix, change the mode on
+		<filename>/usr/bin/ssh</filename> to <literal>4555</literal>
+		by running <command>chmod 4755 /usr/bin/ssh</command> as
+		<username>root</username>.  Then add
+		<makevar>ENABLE_SUID_SSH= true</makevar> to
+		<filename>/etc/make.conf</filename> so the change takes
+		effect the next time <command>make world</command> is
+		run.</para>
+	    </listitem>
+	  </itemizedlist>
+	</answer>
+      </qandaentry>
     </qandaset>
   </chapter>
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010523134708.C8824>