source-changes: re: CVS commit: basesrc [netbsd-1-5]

Subject: re: CVS commit: basesrc [netbsd-1-5]
To: Duncan McEwan <duncan@MCS.VUW.AC.NZ>
From: matthew green <mrg@eterna.com.au>
List: source-changes
Date: 02/27/2001 22:18:37

   > Pull up revisions 1.2,1.4-1.5 (requested by itojun):
   >   Update SSH to version found on trunk as of 26 Feb 2001.
   >   ...
   >   Ssh no longer setuid root.
   
   But as far as I can tell (see my PR 12040) this breaks RSA/rhosts
   functionality, since the client will not be able to read its private host
   key.  Whether this was a deliberate decision, or an accidental side effect,
   I don't know.  Or am I missing something...?



i believe it was judged that having ssh non-setuid was of more benefit to
the default installation than supporting the *rhosts* authentication
methods (which are disabled by default, in sshd.conf, anyway.)  in most
cases, this is an unused feature of ssh that many people hold is *not* a
feature but a bug.  there is a definiate convenience factor with the
*rhosts* authentication methods, but these require setup anyway, and
having the administrator enable the setuid bit is simply another part of
this task.  this should probably be documented better...


.mrg.