apparent ssh_config fascism
Phillip Brown
P.Brown at mmu.ac.uk
Sat Nov 16 03:59:24 EST 2002
It appears that /etc/ssh/ssh_config enforces policy on local users in
addition to its documented role as provider of defaults.
$ ssh -V
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
$ cat .ssh/config
Host localhost
HostbasedAuthentication yes
PreferredAuthentications hostbased
$ ssh localhost
Hostbased authentication not enabled in /etc/ssh/ssh_config
ssh_keysign: no reply
key_sign failed
Permission denied (publickey,password,keyboard-interactive,hostbased).
The situation is rectified by enabling Hostbased authentication in
/etc/ssh/ssh_config (as the error message suggests), but this must be
done by the systems administrator. Why is the setting in .ssh/config not
sufficient? Is this behaviour a bug or a feature?
BTW these experiences are with the RPM for Red Hat 7.3
More information about the openssh-unix-dev
mailing list