- markus@cvs.openbsd.org 2000/12/12 14:45:21

     [sshd.c]
     source port < 1024 is no longer required for rhosts-rsa since it
     adds no additional security.
   - markus@cvs.openbsd.org 2000/12/12 16:11:49
     [ssh.1 ssh.c]
     rhosts-rsa is no longer automagically disabled if ssh is not privileged.
     UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
     these changes should not change the visible default behaviour of the ssh client.

4 files changed, 26 insertions, 21 deletions

diff --git a/ChangeLog b/ChangeLog
index 201aa4283..a09e11f5a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,15 @@
    - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
      [pty.c]
      KNF
+   - markus@cvs.openbsd.org 2000/12/12 14:45:21
+     [sshd.c]
+     source port < 1024 is no longer required for rhosts-rsa since it
+     adds no additional security.
+   - markus@cvs.openbsd.org 2000/12/12 16:11:49
+     [ssh.1 ssh.c]
+     rhosts-rsa is no longer automagically disabled if ssh is not privileged.
+     UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
+     these changes should not change the visible default behaviour of the ssh client.
 
 20001213
  - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
diff --git a/ssh.1 b/ssh.1
index 9a4330f55..fd791200d 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.71 2000/12/07 04:24:59 djm Exp $
+.\" $OpenBSD: ssh.1,v 1.72 2000/12/12 23:11:48 markus Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -464,7 +464,8 @@ not permit connections from privileged ports.
 Note that this option turns off
 .Cm RhostsAuthentication
 and
-.Cm RhostsRSAAuthentication .
+.Cm RhostsRSAAuthentication
+for older servers.
 .It Fl q
 Quiet mode.
 Causes all warning and diagnostic messages to be suppressed.
@@ -948,7 +949,8 @@ Note that setting this option to
 turns off
 .Cm RhostsAuthentication
 and
-.Cm RhostsRSAAuthentication .
+.Cm RhostsRSAAuthentication
+for older servers.
 .It Cm User
 Specifies the user to log in as.
 This can be useful if you have a different user name on different machines.
diff --git a/ssh.c b/ssh.c
index 5efc5c78c..c4ff5eed1 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.75 2000/11/30 07:02:35 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.77 2000/12/12 23:11:48 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@@ -575,11 +575,10 @@ main(int ac, char **av)
         if (!options.use_privileged_port) {
 #else
         if (original_effective_uid != 0 || !options.use_privileged_port) {
-                debug("Rhosts Authentication methods disabled, "
-                    "originating port will not be trusted.");
 #endif
+                debug("Rhosts Authentication disabled, "
+                    "originating port will not be trusted.");
                 options.rhosts_authentication = 0;
-                options.rhosts_rsa_authentication = 0;
         }
         /*
          * If using rsh has been selected, exec it now (without trying
@@ -602,17 +601,13 @@ main(int ac, char **av)
         /* Restore our superuser privileges. */
         restore_uid();
 
-        /*
-         * Open a connection to the remote host.  This needs root privileges
-         * if rhosts_{rsa_}authentication is enabled.
-         */
+        /* Open a connection to the remote host. */
 
         ok = ssh_connect(host, &hostaddr, options.port,
-                         options.connection_attempts,
-                         !options.rhosts_authentication &&
-                         !options.rhosts_rsa_authentication,
-                         original_real_uid,
-                         options.proxy_command);
+            options.connection_attempts,
+            original_effective_uid != 0 || !options.use_privileged_port,
+            original_real_uid,
+            options.proxy_command);
 
         /*
          * If we successfully made the connection, load the host private key
diff --git a/sshd.c b/sshd.c
index 669305443..0c9cdead1 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.136 2000/12/05 16:47:28 todd Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.137 2000/12/12 21:45:21 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1119,18 +1119,17 @@ main(int ac, char **av)
 
         sshd_exchange_identification(sock_in, sock_out);
         /*
-         * Check that the connection comes from a privileged port.  Rhosts-
-         * and Rhosts-RSA-Authentication only make sense from priviledged
+         * Check that the connection comes from a privileged port.
+         * Rhosts-Authentication only makes sense from priviledged
          * programs.  Of course, if the intruder has root access on his local
          * machine, he can connect from any port.  So do not use these
          * authentication methods from machines that you do not trust.
          */
         if (remote_port >= IPPORT_RESERVED ||
             remote_port < IPPORT_RESERVED / 2) {
-                debug("Rhosts Authentication methods disabled, "
+                debug("Rhosts Authentication disabled, "
                     "originating port not trusted.");
                 options.rhosts_authentication = 0;
-                options.rhosts_rsa_authentication = 0;
         }
 #ifdef KRB4
         if (!packet_connection_is_ipv4() &&