diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 9 |
1 files changed, 4 insertions, 5 deletions
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: sshd.c,v 1.136 2000/12/05 16:47:28 todd Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.137 2000/12/12 21:45:21 markus Exp $"); |
44 | 44 | ||
45 | #include "xmalloc.h" | 45 | #include "xmalloc.h" |
46 | #include "rsa.h" | 46 | #include "rsa.h" |
@@ -1119,18 +1119,17 @@ main(int ac, char **av) | |||
1119 | 1119 | ||
1120 | sshd_exchange_identification(sock_in, sock_out); | 1120 | sshd_exchange_identification(sock_in, sock_out); |
1121 | /* | 1121 | /* |
1122 | * Check that the connection comes from a privileged port. Rhosts- | 1122 | * Check that the connection comes from a privileged port. |
1123 | * and Rhosts-RSA-Authentication only make sense from priviledged | 1123 | * Rhosts-Authentication only makes sense from priviledged |
1124 | * programs. Of course, if the intruder has root access on his local | 1124 | * programs. Of course, if the intruder has root access on his local |
1125 | * machine, he can connect from any port. So do not use these | 1125 | * machine, he can connect from any port. So do not use these |
1126 | * authentication methods from machines that you do not trust. | 1126 | * authentication methods from machines that you do not trust. |
1127 | */ | 1127 | */ |
1128 | if (remote_port >= IPPORT_RESERVED || | 1128 | if (remote_port >= IPPORT_RESERVED || |
1129 | remote_port < IPPORT_RESERVED / 2) { | 1129 | remote_port < IPPORT_RESERVED / 2) { |
1130 | debug("Rhosts Authentication methods disabled, " | 1130 | debug("Rhosts Authentication disabled, " |
1131 | "originating port not trusted."); | 1131 | "originating port not trusted."); |
1132 | options.rhosts_authentication = 0; | 1132 | options.rhosts_authentication = 0; |
1133 | options.rhosts_rsa_authentication = 0; | ||
1134 | } | 1133 | } |
1135 | #ifdef KRB4 | 1134 | #ifdef KRB4 |
1136 | if (!packet_connection_is_ipv4() && | 1135 | if (!packet_connection_is_ipv4() && |