From owner-freebsd-stable Sat Mar 3 13:38:12 2001 Delivered-To: freebsd-stable@freebsd.org Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74]) by hub.freebsd.org (Postfix) with ESMTP id 4069937B718 for ; Sat, 3 Mar 2001 13:38:09 -0800 (PST) (envelope-from jdp@polstra.com) Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.11.1/8.11.1) with ESMTP id f23Lc7J21047 for ; Sat, 3 Mar 2001 13:38:08 -0800 (PST) (envelope-from jdp@polstra.com) Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Sat, 03 Mar 2001 13:38:07 -0800 (PST) Organization: Polstra & Co., Inc. From: John Polstra To: stable@freebsd.org Subject: Is RhostsRSAAuthentication broken? Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Is ssh's RhostsRSAAuthentication using the ~/.shosts file broken in -stable? On the server, OpenSSH on a FreeBSD-stable machine from Jan 30, /etc/ssh/sshd_config contains: IgnoreRhosts no IgnoreUserKnownHosts no RhostsRSAAuthentication yes and the ~/.shosts file is set up correctly for the host+user that wants to connect. Also, I have the client's public host key (RSA) in both ~/.ssh/known_hosts and /etc/ssh/ssh_known_hosts on the server machine. On the client side, ~/.ssh/config contains: Host server.example.com RhostsRSAAuthentication yes When the client is OpenSSH on a FreeBSD-stable machine, "slogin -v server.example.com" shows no attempt at all by the client to use RhostsRSAAuthentication. When the client is ssh-1.2.27, "slogin -v server.example.com" says: Remote: Accepted by .shosts. Remote: Your host key cannot be verified: unknown or invalid host key. John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message