hostbased authentication and the root account
rene.klootwijk at nl.abnamro.com
rene.klootwijk at nl.abnamro.com
Thu Apr 25 01:56:51 EST 2002
We have a problem using hostbased authentication in combination with the
root account. We use hostbased authentication to hop from a 'management
server' where we use strong authentication to several systems in a cluster.
The management server is defined in shosts.equiv and the public key of this
server is defined in ssh_known_hosts. This setup works for all users except
for the root user (which is needed for maintenance scripts to work). We've
got it working for the root account by specifying the management server in
the /root/.shosts file and setting the IgnoreRhosts option to no. This is
not what we want, we want to ignore user specific shost files, so setting
the IgnoreRhosts option to yes. In the source of auth-rhosts.c, line 205,
an if statement specifies that the central shosts.equiv file is only
checked for accounts other than root. Why is this?
Regards,
Rene
---------------------------------------------------------------------------
This message (including any attachments) is confidential and may be
privileged. If you have received it by mistake please notify the sender by
return e-mail and delete this message from your system. Any unauthorised
use or dissemination of this message in whole or in part is strictly
prohibited. Please note that e-mails are susceptible to change.
ABN AMRO Bank N.V. (including its group companies) shall not be liable for
the improper or incomplete transmission of the information contained in
this communication nor for any delay in its receipt or damage to your
system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that
the integrity of this communication has been maintained nor that this
communication is free of viruses, interceptions or interference.
---------------------------------------------------------------------------
More information about the openssh-unix-dev
mailing list