From owner-freebsd-stable  Tue May 22 13:57:45 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from search.sparks.net (search.sparks.net [208.5.188.60])
	by hub.freebsd.org (Postfix) with ESMTP id E79D737B42C
	for <stable@FreeBSD.ORG>; Tue, 22 May 2001 13:57:42 -0700 (PDT)
	(envelope-from dmiller@sparks.net)
Received: by search.sparks.net (Postfix, from userid 100)
	id EEFDADB49; Tue, 22 May 2001 16:56:23 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
	by search.sparks.net (Postfix) with ESMTP
	id DA5A4DB48; Tue, 22 May 2001 16:56:23 -0400 (EDT)
Date: Tue, 22 May 2001 16:56:23 -0400 (EDT)
From: David Miller <dmiller@sparks.net>
To: Jacob Frelinger <jolly@gibbon.kungfumonkey.com>
Cc: stable@FreeBSD.ORG
Subject: Re: 4.3R and ssh problems
In-Reply-To: <Pine.LNX.4.30.0105221648100.24883-100000@gibbon.kungfumonkey.com>
Message-ID: <Pine.BSF.4.21.0105221653390.50961-100000@search.sparks.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Tue, 22 May 2001, Jacob Frelinger wrote:

> On Tue, 22 May 2001, David Miller wrote:
> 
> > I will check into this, but authentication through the .shosts file has
> > worked "forever", and if the only solution is a new authentication
> > mechanism we've broken compatibility with a lot of existing apps.
> >
> > --- David
> 
> well colour me schooled.  I've never used ssh with .shosts, only key based
> auth.  but a quick search on the net proves your right. (and actualy a
> possible solution).  i found several documents refering to .shosts
> authentication that stated ssh must be installed suid to get a privelaged
> port, for .shosts authentication to work, and by default ssh isn't
> installed as suid on freebsd (though setting ENABLE_SUID_SSH=true in
> make.conf will install it as sutch)

chmod 4555 /usr/bin/ssh let it work too, so now I'm OK.  Hopefully anyone
else who runs into the problem will search the stable archive, but I
always worry when defaults change.

Thanks to all who answered so quickly:)

--- David


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message