OpenSSH 3.4p1 hostbased authentication
Ben Lindstrom
mouring at etoh.eviladmin.org
Fri Feb 28 08:28:40 EST 2003
On Thu, 27 Feb 2003, Markus Friedl wrote:
> On Thu, Feb 27, 2003 at 12:13:47PM -0600, Ben Lindstrom wrote:
> > My impression (skiming the manpages) that .rhosts/.shosts v1 only.
>
> no, it's for both protocols. there should be no difference.
>
So other than RhostsIgnore. I as an admin have no control to stop
rhost/shosts usage on my servers for v2? You sure Markus?
RhostsAuthentication
Specifies whether authentication using rhosts or /etc/hosts.equiv
files is sufficient. Normally, this method should not be permit-
ted because it is insecure. RhostsRSAAuthentication should be
used instead, because it performs RSA-based host authentication
in addition to normal rhosts or /etc/hosts.equiv authentication.
The default is ``no''. This option applies to protocol version 1
only.
RhostsRSAAuthentication
Specifies whether rhosts or /etc/hosts.equiv authentication to-
gether with successful RSA host authentication is allowed. The
default is ``no''. This option applies to protocol version 1 on-
ly.
More information about the openssh-unix-dev
mailing list