ssh -2 and hostbasedauth

Markus Friedl markus at openbsd.org
Sat Nov 17 03:16:44 EST 2001


On Fri, Nov 16, 2001 at 05:06:48PM +0100, Gert Doering wrote:
> Hi,
> 
> On Fri, Nov 16, 2001 at 04:57:09PM +0100, Markus Friedl wrote:
> > > This message is seriously misleading...  I guess it means "ok, you're in
> > > the .shosts file, now check the key" (and it will never tell the result of
> > > checking the key).
> > yes.
> 
> Thanks :)
> 
> Does protocol / design allow clarification of these messages so that
> a not-so-experienced user can understand what is happening and why
> ".shosts is accepted but it still doesn't work"?
> 
> ssh -1 is easier to understand in that regard (especially as it will also
> tell you *which* hostname and user name it used for checking).

the old ssh v1 implementation uses debug messages to disclose
information. i don't like to tell un-authorized users information
about the system, so i did not add more debug messages.

however, i think we can add debug messages and make
debug messages an option.
-m



More information about the openssh-unix-dev mailing list