From owner-freebsd-current Sat Feb 26 15:38: 1 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id AEA2D37B573; Sat, 26 Feb 2000 15:37:59 -0800 (PST) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id PAA99258; Sat, 26 Feb 2000 15:37:59 -0800 (PST) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 26 Feb 2000 15:37:58 -0800 (PST) From: Kris Kennaway To: Bjoern Groenvall Cc: "Jordan K. Hubbard" , current@FreeBSD.ORG, markm@FreeBSD.ORG Subject: Re: OpenSSH /etc patch In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 26 Feb 2000, Bjoern Groenvall wrote: > Right, the code does not lie (if ssh is setuid root). But, if the host > key has not yet been created, then no host can have the public key and > thus rsa-rhosts authentication won't work anyways. It is not required > to run ssh-keygen to make ssh work, Sshd still requires the host key > to operate. I don't follow you - if no host key is generated, then you can't ever use the RSA-rhosts authentication mechanism to log into another server until you do. Thus part of ssh's functionality is broken until you generate that key, so we do it for you the first time you boot. Kris ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message