Inconsistent server/client configuration
Markus Friedl
markus at openbsd.org
Thu Oct 25 00:03:17 EST 2001
your mail is missing many details, but i assume you are talking
about hostbased authentication.
On Wed, Oct 24, 2001 at 10:51:57AM +0200, Hans Werner Strube wrote:
> It appears somewhat inconsistent to me that parameter HostKey is configurable
> on the server side but fixed on the client side.
> On the client, always _PATH_HOST_KEY_FILE, _PATH_HOST_DSA_KEY_FILE,
> _PATH_HOST_RSA_KEY_FILE are used (in this order), whereas on the server,
> the paths can be specified by up to three HostKey options as arbitrary names
> in arbitrary sequence.
because the client is setuid root. you don't want to make
ssh read every private key on the system.
the client _could_ get the hostkey pathnames from sshd_config,
but then you have to hardcode another filename.
-m
More information about the openssh-unix-dev
mailing list