3 files changed, 44 insertions, 52 deletions
diff --git a/ChangeLog b/ChangeLog
index 9cf5c0313..08f910264 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,6 +16,9 @@
   - dtucker@cvs.openbsd.org 2004/08/23 14:29:23
     [ssh-keysign.c]
     Remove duplicate getuid(), suggested by & ok markus@
+   - markus@cvs.openbsd.org 2004/08/26 16:00:55
+     [ssh.1 sshd.8]
+     get rid of references to rhosts authentication; with jmc@
 20040828
 - (dtucker) [openbsd-compat/mktemp.c] Remove superfluous Cygwin #ifdef; from
@@ -1683,4 +1686,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3526 2004/08/29 06:32:59 dtucker Exp $
+$Id: ChangeLog,v 1.3527 2004/08/29 06:37:24 dtucker Exp $
diff --git a/ssh.1 b/ssh.1
index 0ff77ea29..b9ee4c62b 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $
+.\" $OpenBSD: ssh.1,v 1.195 2004/08/26 16:00:55 markus Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -103,35 +103,25 @@ is specified,
 .Ar command
 is executed on the remote host instead of a login shell.
 .Ss SSH protocol version 1
-First, if the machine the user logs in from is listed in
+The first authentication method is the
+.Em rhosts
+or
+.Em hosts.equiv
+method combined with RSA-based host authentication.
+If the machine the user logs in from is listed in
 .Pa /etc/hosts.equiv
 or
 .Pa /etc/shosts.equiv
 on the remote machine, and the user names are
-the same on both sides, the user is immediately permitted to log in.
+the same on both sides, or if the files
-Second, if
+.Pa $HOME/.rhosts
-.Pa .rhosts
 or
-.Pa .shosts
+.Pa $HOME/.shosts
-exists in the user's home directory on the
+exist in the user's home directory on the
-remote machine and contains a line containing the name of the client
+remote machine and contain a line containing the name of the client
 machine and the name of the user on that machine, the user is
-permitted to log in.
+considered for log in.
-This form of authentication alone is normally not
+Additionally, if the server can verify the client's
-allowed by the server because it is not secure.
-.Pp
-The second authentication method is the
-.Em rhosts
-or
-.Em hosts.equiv
-method combined with RSA-based host authentication.
-It means that if the login would be permitted by
-.Pa $HOME/.rhosts ,
-.Pa $HOME/.shosts ,
-.Pa /etc/hosts.equiv ,
-or
-.Pa /etc/shosts.equiv ,
-and if additionally the server can verify the client's
 host key (see
 .Pa /etc/ssh/ssh_known_hosts
 and
@@ -147,7 +137,7 @@ spoofing, DNS spoofing and routing spoofing.
 and the rlogin/rsh protocol in general, are inherently insecure and should be
 disabled if security is desired.]
 .Pp
-As a third authentication method,
+As a second authentication method,
 .Nm
 supports RSA based authentication.
 The scheme is based on public-key cryptography: there are cryptosystems
@@ -195,9 +185,6 @@ file corresponds to the conventional
 file, and has one key
 per line, though the lines can be very long).
 After this, the user can log in without giving the password.
-RSA authentication is much more secure than
-.Em rhosts
-authentication.
 .Pp
 The most convenient way to use RSA authentication may be with an
 authentication agent.
@@ -1012,7 +999,9 @@ By default
 is not setuid root.
 .It Pa $HOME/.rhosts
 This file is used in
-.Em rhosts
+.Cm RhostsRSAAuthentication
+and
+.Cm HostbasedAuthentication
 authentication to list the
 host/user pairs that are permitted to log in.
 (Note that this file is
@@ -1031,12 +1020,10 @@ The recommended
 permission for most machines is read/write for the user, and not
 accessible by others.
 .Pp
-Note that by default
+Note that
 .Xr sshd 8
-will be installed so that it requires successful RSA host
+allows authentication only in combination with client host key
-authentication before permitting
+authentication before permitting log in.
-.Em rhosts
-authentication.
 If the server machine does not have the client's host key in
 .Pa /etc/ssh/ssh_known_hosts ,
 it can be stored in
@@ -1049,15 +1036,19 @@ will automatically add the host key to
 This file is used exactly the same way as
 .Pa .rhosts .
 The purpose for
-having this file is to be able to use rhosts authentication with
+having this file is to be able to use
-.Nm
+.Cm RhostsRSAAuthentication
-without permitting login with
+and
+.Cm HostbasedAuthentication
+authentication without permitting login with
 .Xr rlogin
 or
 .Xr rsh 1 .
 .It Pa /etc/hosts.equiv
 This file is used during
-.Em rhosts
+.Cm RhostsRSAAuthentication
+and
+.Cm HostbasedAuthentication
 authentication.
 It contains
 canonical hosts names, one per line (the full format is described in the
@@ -1066,8 +1057,7 @@ manual page).
 If the client host is found in this file, login is
 automatically permitted provided client and server user names are the
 same.
-Additionally, successful RSA host authentication is normally
+Additionally, successful client host key authentication is required.
-required.
 This file should only be writable by root.
 .It Pa /etc/shosts.equiv
 This file is processed exactly as
diff --git a/sshd.8 b/sshd.8
index 233b00037..83d0f48d2 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.201 2004/05/02 11:54:31 dtucker Exp $
+.\" $OpenBSD: sshd.8,v 1.202 2004/08/26 16:00:55 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -106,8 +106,6 @@ to use from those offered by the server.
 Next, the server and the client enter an authentication dialog.
 The client tries to authenticate itself using
 .Em .rhosts
-authentication,
-.Em .rhosts
 authentication combined with RSA host
 authentication, RSA challenge-response authentication, or password
 based authentication.
@@ -135,11 +133,6 @@ or
 .Ql \&*NP\&*
 ).
 .Pp
-.Em rhosts
-authentication is normally disabled
-because it is fundamentally insecure, but can be enabled in the server
-configuration file if desired.
-System security is not improved unless
 .Nm rshd ,
 .Nm rlogind ,
 and
@@ -670,7 +663,11 @@ Access controls that should be enforced by tcp-wrappers are defined here.
 Further details are described in
 .Xr hosts_access 5 .
 .It Pa $HOME/.rhosts
-This file contains host-username pairs, separated by a space, one per
+This file is used during
+.Cm RhostsRSAAuthentication
+and
+.Cm HostbasedAuthentication
+and contains host-username pairs, separated by a space, one per
 line.
 The given user on the corresponding host is permitted to log in
 without a password.
@@ -691,7 +688,9 @@ However, this file is
 not used by rlogin and rshd, so using this permits access using SSH only.
 .It Pa /etc/hosts.equiv
 This file is used during
-.Em rhosts
+.Cm RhostsRSAAuthentication
+and
+.Cm HostbasedAuthentication
 authentication.
 In the simplest form, this file contains host names, one per line.
 Users on
@@ -710,7 +709,7 @@ Negated entries start with
 If the client host/user is successfully matched in this file, login is
 automatically permitted provided the client and server user names are the
 same.
-Additionally, successful RSA host authentication is normally required.
+Additionally, successful client host key authentication is required.
 This file must be writable only by root; it is recommended
 that it be world-readable.
 .Pp

diff --git a/ChangeLog b/ChangeLog index 9cf5c0313..08f910264 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -16,6 +16,9 @@
16	- dtucker@cvs.openbsd.org 2004/08/23 14:29:23	16	- dtucker@cvs.openbsd.org 2004/08/23 14:29:23
17	[ssh-keysign.c]	17	[ssh-keysign.c]
18	Remove duplicate getuid(), suggested by & ok markus@	18	Remove duplicate getuid(), suggested by & ok markus@
		19	- markus@cvs.openbsd.org 2004/08/26 16:00:55
		20	[ssh.1 sshd.8]
		21	get rid of references to rhosts authentication; with jmc@
19		22
20	20040828	23	20040828
21	- (dtucker) [openbsd-compat/mktemp.c] Remove superfluous Cygwin #ifdef; from	24	- (dtucker) [openbsd-compat/mktemp.c] Remove superfluous Cygwin #ifdef; from
@@ -1683,4 +1686,4 @@
1683	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	1686	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
1684	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	1687	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
1685		1688
1686	$Id: ChangeLog,v 1.3526 2004/08/29 06:32:59 dtucker Exp $	1689	$Id: ChangeLog,v 1.3527 2004/08/29 06:37:24 dtucker Exp $


diff --git a/ssh.1 b/ssh.1 index 0ff77ea29..b9ee4c62b 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $	37	.\" $OpenBSD: ssh.1,v 1.195 2004/08/26 16:00:55 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
@@ -103,35 +103,25 @@ is specified,
103	.Ar command	103	.Ar command
104	is executed on the remote host instead of a login shell.	104	is executed on the remote host instead of a login shell.
105	.Ss SSH protocol version 1	105	.Ss SSH protocol version 1
106	First, if the machine the user logs in from is listed in	106	The first authentication method is the
		107	.Em rhosts
		108	or
		109	.Em hosts.equiv
		110	method combined with RSA-based host authentication.
		111	If the machine the user logs in from is listed in
107	.Pa /etc/hosts.equiv	112	.Pa /etc/hosts.equiv
108	or	113	or
109	.Pa /etc/shosts.equiv	114	.Pa /etc/shosts.equiv
110	on the remote machine, and the user names are	115	on the remote machine, and the user names are
111	the same on both sides, the user is immediately permitted to log in.	116	the same on both sides, or if the files
112	Second, if	117	.Pa $HOME/.rhosts
113	.Pa .rhosts
114	or	118	or
115	.Pa .shosts	119	.Pa $HOME/.shosts
116	exists in the user's home directory on the	120	exist in the user's home directory on the
117	remote machine and contains a line containing the name of the client	121	remote machine and contain a line containing the name of the client
118	machine and the name of the user on that machine, the user is	122	machine and the name of the user on that machine, the user is
119	permitted to log in.	123	considered for log in.
120	This form of authentication alone is normally not	124	Additionally, if the server can verify the client's
121	allowed by the server because it is not secure.
122	.Pp
123	The second authentication method is the
124	.Em rhosts
125	or
126	.Em hosts.equiv
127	method combined with RSA-based host authentication.
128	It means that if the login would be permitted by
129	.Pa $HOME/.rhosts ,
130	.Pa $HOME/.shosts ,
131	.Pa /etc/hosts.equiv ,
132	or
133	.Pa /etc/shosts.equiv ,
134	and if additionally the server can verify the client's
135	host key (see	125	host key (see
136	.Pa /etc/ssh/ssh_known_hosts	126	.Pa /etc/ssh/ssh_known_hosts
137	and	127	and
@@ -147,7 +137,7 @@ spoofing, DNS spoofing and routing spoofing.
147	and the rlogin/rsh protocol in general, are inherently insecure and should be	137	and the rlogin/rsh protocol in general, are inherently insecure and should be
148	disabled if security is desired.]	138	disabled if security is desired.]
149	.Pp	139	.Pp
150	As a third authentication method,	140	As a second authentication method,
151	.Nm	141	.Nm
152	supports RSA based authentication.	142	supports RSA based authentication.
153	The scheme is based on public-key cryptography: there are cryptosystems	143	The scheme is based on public-key cryptography: there are cryptosystems
@@ -195,9 +185,6 @@ file corresponds to the conventional
195	file, and has one key	185	file, and has one key
196	per line, though the lines can be very long).	186	per line, though the lines can be very long).
197	After this, the user can log in without giving the password.	187	After this, the user can log in without giving the password.
198	RSA authentication is much more secure than
199	.Em rhosts
200	authentication.
201	.Pp	188	.Pp
202	The most convenient way to use RSA authentication may be with an	189	The most convenient way to use RSA authentication may be with an
203	authentication agent.	190	authentication agent.
@@ -1012,7 +999,9 @@ By default
1012	is not setuid root.	999	is not setuid root.
1013	.It Pa $HOME/.rhosts	1000	.It Pa $HOME/.rhosts
1014	This file is used in	1001	This file is used in
1015	.Em rhosts	1002	.Cm RhostsRSAAuthentication
		1003	and
		1004	.Cm HostbasedAuthentication
1016	authentication to list the	1005	authentication to list the
1017	host/user pairs that are permitted to log in.	1006	host/user pairs that are permitted to log in.
1018	(Note that this file is	1007	(Note that this file is
@@ -1031,12 +1020,10 @@ The recommended
1031	permission for most machines is read/write for the user, and not	1020	permission for most machines is read/write for the user, and not
1032	accessible by others.	1021	accessible by others.
1033	.Pp	1022	.Pp
1034	Note that by default	1023	Note that
1035	.Xr sshd 8	1024	.Xr sshd 8
1036	will be installed so that it requires successful RSA host	1025	allows authentication only in combination with client host key
1037	authentication before permitting	1026	authentication before permitting log in.
1038	.Em rhosts
1039	authentication.
1040	If the server machine does not have the client's host key in	1027	If the server machine does not have the client's host key in
1041	.Pa /etc/ssh/ssh_known_hosts ,	1028	.Pa /etc/ssh/ssh_known_hosts ,
1042	it can be stored in	1029	it can be stored in
@@ -1049,15 +1036,19 @@ will automatically add the host key to
1049	This file is used exactly the same way as	1036	This file is used exactly the same way as
1050	.Pa .rhosts .	1037	.Pa .rhosts .
1051	The purpose for	1038	The purpose for
1052	having this file is to be able to use rhosts authentication with	1039	having this file is to be able to use
1053	.Nm	1040	.Cm RhostsRSAAuthentication
1054	without permitting login with	1041	and
		1042	.Cm HostbasedAuthentication
		1043	authentication without permitting login with
1055	.Xr rlogin	1044	.Xr rlogin
1056	or	1045	or
1057	.Xr rsh 1 .	1046	.Xr rsh 1 .
1058	.It Pa /etc/hosts.equiv	1047	.It Pa /etc/hosts.equiv
1059	This file is used during	1048	This file is used during
1060	.Em rhosts	1049	.Cm RhostsRSAAuthentication
		1050	and
		1051	.Cm HostbasedAuthentication
1061	authentication.	1052	authentication.
1062	It contains	1053	It contains
1063	canonical hosts names, one per line (the full format is described in the	1054	canonical hosts names, one per line (the full format is described in the
@@ -1066,8 +1057,7 @@ manual page).
1066	If the client host is found in this file, login is	1057	If the client host is found in this file, login is
1067	automatically permitted provided client and server user names are the	1058	automatically permitted provided client and server user names are the
1068	same.	1059	same.
1069	Additionally, successful RSA host authentication is normally	1060	Additionally, successful client host key authentication is required.
1070	required.
1071	This file should only be writable by root.	1061	This file should only be writable by root.
1072	.It Pa /etc/shosts.equiv	1062	.It Pa /etc/shosts.equiv
1073	This file is processed exactly as	1063	This file is processed exactly as


diff --git a/sshd.8 b/sshd.8 index 233b00037..83d0f48d2 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.201 2004/05/02 11:54:31 dtucker Exp $	37	.\" $OpenBSD: sshd.8,v 1.202 2004/08/26 16:00:55 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -106,8 +106,6 @@ to use from those offered by the server.
106	Next, the server and the client enter an authentication dialog.	106	Next, the server and the client enter an authentication dialog.
107	The client tries to authenticate itself using	107	The client tries to authenticate itself using
108	.Em .rhosts	108	.Em .rhosts
109	authentication,
110	.Em .rhosts
111	authentication combined with RSA host	109	authentication combined with RSA host
112	authentication, RSA challenge-response authentication, or password	110	authentication, RSA challenge-response authentication, or password
113	based authentication.	111	based authentication.
@@ -135,11 +133,6 @@ or
135	.Ql \&NP\&	133	.Ql \&NP\&
136	).	134	).
137	.Pp	135	.Pp
138	.Em rhosts
139	authentication is normally disabled
140	because it is fundamentally insecure, but can be enabled in the server
141	configuration file if desired.
142	System security is not improved unless
143	.Nm rshd ,	136	.Nm rshd ,
144	.Nm rlogind ,	137	.Nm rlogind ,
145	and	138	and
@@ -670,7 +663,11 @@ Access controls that should be enforced by tcp-wrappers are defined here.
670	Further details are described in	663	Further details are described in
671	.Xr hosts_access 5 .	664	.Xr hosts_access 5 .
672	.It Pa $HOME/.rhosts	665	.It Pa $HOME/.rhosts
673	This file contains host-username pairs, separated by a space, one per	666	This file is used during
		667	.Cm RhostsRSAAuthentication
		668	and
		669	.Cm HostbasedAuthentication
		670	and contains host-username pairs, separated by a space, one per
674	line.	671	line.
675	The given user on the corresponding host is permitted to log in	672	The given user on the corresponding host is permitted to log in
676	without a password.	673	without a password.
@@ -691,7 +688,9 @@ However, this file is
691	not used by rlogin and rshd, so using this permits access using SSH only.	688	not used by rlogin and rshd, so using this permits access using SSH only.
692	.It Pa /etc/hosts.equiv	689	.It Pa /etc/hosts.equiv
693	This file is used during	690	This file is used during
694	.Em rhosts	691	.Cm RhostsRSAAuthentication
		692	and
		693	.Cm HostbasedAuthentication
695	authentication.	694	authentication.
696	In the simplest form, this file contains host names, one per line.	695	In the simplest form, this file contains host names, one per line.
697	Users on	696	Users on
@@ -710,7 +709,7 @@ Negated entries start with
710	If the client host/user is successfully matched in this file, login is	709	If the client host/user is successfully matched in this file, login is
711	automatically permitted provided the client and server user names are the	710	automatically permitted provided the client and server user names are the
712	same.	711	same.
713	Additionally, successful RSA host authentication is normally required.	712	Additionally, successful client host key authentication is required.
714	This file must be writable only by root; it is recommended	713	This file must be writable only by root; it is recommended
715	that it be world-readable.	714	that it be world-readable.
716	.Pp	715	.Pp