Bugtraq: Re: Bug in ssh client (open ssh 2.3.0)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Bug in ssh client (open ssh 2.3.0)

From: rafal wiosna <rafamiga () UUCP POLBOX PL>
Date: Fri, 9 Feb 2001 19:21:36 +0100

* Tomasz Kuźniar wrote:

Ssh client is suid, so it could be real problem. Must check source...


        SUID is only needed when using rhosts or rshost-rsa authentication.
Many installations don't need it. Just set this option [taken from man ssh]:

     UsePrivilegedPort
             Specifies whether to use a privileged port for outgoing connec-
             tions.  The argument must be `yes'' or `no''. The default is
             `yes''. Note that setting this option to `no'' turns off
             RhostsAuthentication and RhostsRSAAuthentication.

--
__________________________________________________________________________
rafal wiosna * Polbox On-Line Service * Fidonet 2:480/33 * In ARP we trust
Powered by /usr/local/bin/joe B.O.F.P (alias|free).polbox.pl admin * AR155
RAFD-RIPE * PGP nyckeln finns tillgänglig pĺ www.se.pgp.net (ID: 3CDCB7A9)

By Date By Thread

Current thread:

Re: Bug in ssh client (open ssh 2.3.0) Ben Greenbaum (Feb 10)
- <Possible follow-ups>
- Bug in ssh client (open ssh 2.3.0) Tomasz Kuźniar (Feb 10)
  - Re: Bug in ssh client (open ssh 2.3.0) rafal wiosna (Feb 10)
    - Re: Bug in ssh client (open ssh 2.3.0) Tatu Ylonen (Feb 10)
- Re: Bug in ssh client (open ssh 2.3.0) Tatu Ylonen (Feb 12)