Re: Rhosts authentication with openssh 3.7

• Previous message: jpm: "Re: Chroot Environment crazy"
• In reply to: Nico Kadel-Garcia: "Re: Rhosts authentication with openssh 3.7"
• Next in thread: Darren Tucker: "Re: Rhosts authentication with openssh 3.7"
• Reply: Darren Tucker: "Re: Rhosts authentication with openssh 3.7"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 24 Nov 2003 07:33:07 -0800

I know that rhosts based authentication is HEAVILY unsecured but in my
special case, it would help. I don't like the idea of having a feature
in a software that disappears one day in a release just because
someone said "what that f... option ?!? still exists ?... ok let's
blast it !".
Someone know if there is a patch to restore this option ? (no it's not
a joke...).
Ok, I know the answer... I'll restore the source code from v3.6. I
like this job !...

thanks
ludo.

"Nico Kadel-Garcia" <nkadel@comcast.net> wrote in message news:<jKGdneBoNr4nQV2i4p2dnA@comcast.com>...
> "Neil W Rickert" <rickert+nn@cs.niu.edu> wrote in message
> news:bpmaop$lbm$1@husk.cso.niu.edu...
> > ludovic.leclerc@col.bsf.alcatel.fr (ludovic LECLERC) writes:
> >
> > >> Either:
>
> > >> Make "ssh" setuid
>
> > >> chown ssh root
> > >> chmod u+s ssh
>
> > >> or:
>
> > >> set EnableSSHKeysign to "yes" in your ssh_config
> > >> file. (And make sure that ssh-keysign is setuid).
>
> > >Is there still a way with openssh 3.7 to have an authentication only
> > >based on .rhosts file (without RSA, DSA keys or stuff like that) ?...
> >
> > I haven't tried it. This was only ever possible with protocol 1.
> >
> > Why would you want to allow something that insecure? Best is to
> > use ".shosts", and not ".rhosts"
> >
> > The host based authentication that does work uses ".rhosts" or
> > ".shosts", and uses the host keys. You need not generate any
> > personal keys.
>
> As I remember, you also have to list the SSH client's hostkeys in a
> "known_hostkeys" file, either the user's or the server system's. But it's
> been a while since I last tried this....

• Previous message: jpm: "Re: Chroot Environment crazy"
• In reply to: Nico Kadel-Garcia: "Re: Rhosts authentication with openssh 3.7"
• Next in thread: Darren Tucker: "Re: Rhosts authentication with openssh 3.7"
• Reply: Darren Tucker: "Re: Rhosts authentication with openssh 3.7"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: System Restore and SYSTEM CHECKPOINTS ... in Scheduled Tasks using the Scheduled Task Wizard. ... > One more question Gman, when you say "I was trying to SET UP the ... > automatic System Restore ... > feature" are you referring to setting up SR in Scheduled Tasks? ... (microsoft.public.windowsxp.perform_maintain) Re: ZoneAlarm- To All Z. A. Users! ... I was having all kinds of problems, pages would not display, the restore ... She was able to use her restore feature but it did not solve ... waiting for my daughter to email the link, ... (microsoft.public.windowsxp.basics) System reboots after 16 minutes of user inactivity ... Sadie ... >Thanks for your help - I decided to use the Restore ... > and chose last Sunday's points - after doing the ... (microsoft.public.windowsxp.security_admin) Re: System Restore ... You mean to say you haven't visited Windows Update since last July? ... > "Ted Zieglar" wrote: ... >> System Restore will not restore your system to an unstable state. ... I am referring to the Windows XP feature. ... (microsoft.public.windowsxp.perform_maintain) Computer acting strange? ... I used the "restore" feature and all was ok for a few days. ... I am running Windows XP Pro ... and would like to know if I can do a repair install ... (microsoft.public.windowsxp.general)