Date: Sat, 03 Mar 2001 13:38:07 -0800 (PST) From: John Polstra <jdp@polstra.com> To: stable@freebsd.org Subject: Is RhostsRSAAuthentication broken? Message-ID: <XFMail.010303133807.jdp@polstra.com>
next in thread | raw e-mail | index | archive | help
Is ssh's RhostsRSAAuthentication using the ~/.shosts file broken in
-stable? On the server, OpenSSH on a FreeBSD-stable machine from Jan
30, /etc/ssh/sshd_config contains:
IgnoreRhosts no
IgnoreUserKnownHosts no
RhostsRSAAuthentication yes
and the ~/.shosts file is set up correctly for the host+user that
wants to connect. Also, I have the client's public host key (RSA) in
both ~/.ssh/known_hosts and /etc/ssh/ssh_known_hosts on the server
machine.
On the client side, ~/.ssh/config contains:
Host server.example.com
RhostsRSAAuthentication yes
When the client is OpenSSH on a FreeBSD-stable machine, "slogin -v
server.example.com" shows no attempt at all by the client to use
RhostsRSAAuthentication.
When the client is ssh-1.2.27, "slogin -v server.example.com" says:
Remote: Accepted by .shosts.
Remote: Your host key cannot be verified: unknown or invalid host key.
John
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.010303133807.jdp>