Subject: re: CVS commit: basesrc [netbsd-1-5]
To: Duncan McEwan <duncan@MCS.VUW.AC.NZ>
From: matthew green <firstname.lastname@example.org>
Date: 02/27/2001 22:18:37
> Pull up revisions 1.2,1.4-1.5 (requested by itojun):
> Update SSH to version found on trunk as of 26 Feb 2001.
> Ssh no longer setuid root.
But as far as I can tell (see my PR 12040) this breaks RSA/rhosts
functionality, since the client will not be able to read its private host
key. Whether this was a deliberate decision, or an accidental side effect,
I don't know. Or am I missing something...?
i believe it was judged that having ssh non-setuid was of more benefit to
the default installation than supporting the *rhosts* authentication
methods (which are disabled by default, in sshd.conf, anyway.) in most
cases, this is an unused feature of ssh that many people hold is *not* a
feature but a bug. there is a definiate convenience factor with the
*rhosts* authentication methods, but these require setup anyway, and
having the administrator enable the setuid bit is simply another part of
this task. this should probably be documented better...