Bugtraq mailing list archives

Re: Bug in ssh client (open ssh 2.3.0)

From: rafal wiosna <rafamiga () UUCP POLBOX PL>
Date: Fri, 9 Feb 2001 19:21:36 +0100

* Tomasz Kuźniar wrote:

Ssh client is suid, so it could be real problem. Must check source...


        SUID is only needed when using rhosts or rshost-rsa authentication.
Many installations don't need it. Just set this option [taken from man ssh]:

     UsePrivilegedPort
             Specifies whether to use a privileged port for outgoing connec-
             tions.  The argument must be `yes'' or `no''. The default is
             `yes''. Note that setting this option to `no'' turns off
             RhostsAuthentication and RhostsRSAAuthentication.

--
__________________________________________________________________________
rafal wiosna * Polbox On-Line Service * Fidonet 2:480/33 * In ARP we trust
Powered by /usr/local/bin/joe B.O.F.P (alias|free).polbox.pl admin * AR155
RAFD-RIPE * PGP nyckeln finns tillgänglig pĺ www.se.pgp.net (ID: 3CDCB7A9)

Current thread:

Re: Bug in ssh client (open ssh 2.3.0) Ben Greenbaum (Feb 10)
- <Possible follow-ups>
- Bug in ssh client (open ssh 2.3.0) Tomasz Kuźniar (Feb 10)
  - Re: Bug in ssh client (open ssh 2.3.0) rafal wiosna (Feb 10)
    - Re: Bug in ssh client (open ssh 2.3.0) Tatu Ylonen (Feb 10)
- Re: Bug in ssh client (open ssh 2.3.0) Tatu Ylonen (Feb 12)