From owner-freebsd-doc  Tue May 22 23:45:35 2001
Delivered-To: freebsd-doc@freebsd.org
Received: from winston.osd.bsdi.com (adsl-64-173-15-98.dsl.sntc01.pacbell.net [64.173.15.98])
	by hub.freebsd.org (Postfix) with ESMTP id 1EC4737B422
	for <doc@FreeBSD.ORG>; Tue, 22 May 2001 23:45:18 -0700 (PDT)
	(envelope-from jkh@osd.bsdi.com)
Received: from localhost (jkh@localhost [127.0.0.1])
	by winston.osd.bsdi.com (8.11.3/8.11.3) with ESMTP id f4N6j8812263;
	Tue, 22 May 2001 23:45:09 -0700 (PDT)
	(envelope-from jkh@osd.bsdi.com)
To: dmiller@sparks.net
Cc: jolly@gibbon.kungfumonkey.com, doc@FreeBSD.ORG
Subject: Re: 4.3R and ssh problems
In-Reply-To: <Pine.BSF.4.21.0105221653390.50961-100000@search.sparks.net>
References: <Pine.LNX.4.30.0105221648100.24883-100000@gibbon.kungfumonkey.com>
	<Pine.BSF.4.21.0105221653390.50961-100000@search.sparks.net>
X-Mailer: Mew version 1.94.1 on Emacs 20.7 / Mule 4.0 (HANANOEN)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20010522234508P.jkh@osd.bsdi.com>
Date: Tue, 22 May 2001 23:45:08 -0700
From: Jordan Hubbard <jkh@osd.bsdi.com>
X-Dispatcher: imput version 20000228(IM140)
Lines: 38
Sender: owner-freebsd-doc@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-doc.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-doc>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-doc>
X-Loop: FreeBSD.org

We probably need to add this to the FAQ, actually.  Any doc'ers
willing to write something up and commit it?

- Jordan

From: David Miller <dmiller@sparks.net>
Subject: Re: 4.3R and ssh problems
Date: Tue, 22 May 2001 16:56:23 -0400 (EDT)

> On Tue, 22 May 2001, Jacob Frelinger wrote:
> 
> > On Tue, 22 May 2001, David Miller wrote:
> > 
> > > I will check into this, but authentication through the .shosts file has
> > > worked "forever", and if the only solution is a new authentication
> > > mechanism we've broken compatibility with a lot of existing apps.
> > >
> > > --- David
> > 
> > well colour me schooled.  I've never used ssh with .shosts, only key based
> > auth.  but a quick search on the net proves your right. (and actualy a
> > possible solution).  i found several documents refering to .shosts
> > authentication that stated ssh must be installed suid to get a privelaged
> > port, for .shosts authentication to work, and by default ssh isn't
> > installed as suid on freebsd (though setting ENABLE_SUID_SSH=true in
> > make.conf will install it as sutch)
> 
> chmod 4555 /usr/bin/ssh let it work too, so now I'm OK.  Hopefully anyone
> else who runs into the problem will search the stable archive, but I
> always worry when defaults change.
> 
> Thanks to all who answered so quickly:)
> 
> --- David
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message