Subject: Re: ssh
To: Peter Svensson <email@example.com>
From: Michael Graff <firstname.lastname@example.org>
Date: 08/17/1996 17:25:22
Peter Svensson <email@example.com> writes:
> Unless you want to replace rsh/rlogin with ssh. You can only use the
> one-key-per-person mode if ssh is not setuid. To allow one computer to trust
> the credentials of users from another they must run ssh suid, so it can
> allocate a low port (<1024) and read the ssh_host_key.
This isn't entirely true.
I use ssh to connect to the machine next to me all the time. I do need
to have my public key in the remote user's .ssh/authorized_keys file,
but it still works just fine.
My main reason to remove the setuid bit was so it could work through
our rather restrictive firewall.