- Merged changes from OpenBSD CVS
   - [sshd.c] session_key_int may be zero
   - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
     IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
     deraadt,millert
 - Brought default sshd_config more in line with OpenBSD's
diff --git a/ChangeLog b/ChangeLog
index 2d702dc..a1e2cac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,10 @@
 19991112
  - Merged changes from OpenBSD CVS
    - [sshd.c] session_key_int may be zero
+   - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
+     IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok 
+     deraadt,millert
+ - Brought default sshd_config more in line with OpenBSD's
 
 19991111
  - Added (untested) Entropy Gathering Daemon (EGD) support
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index ee6af21..b6f1d6c 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -15,22 +15,22 @@
 */
 
 #include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.2 1999/11/11 00:43:13 damien Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.3 1999/11/12 00:33:04 damien Exp $");
 
 #include "packet.h"
 #include "ssh.h"
 #include "xmalloc.h"
 #include "uidswap.h"
+#include "servconf.h"
 
 /* Tries to authenticate the user using the .rhosts file and the host using
-   its host key.  Returns true if authentication succeeds. 
-   .rhosts and .shosts will be ignored if ignore_rhosts is non-zero. */
+   its host key.  Returns true if authentication succeeds. */
 
 int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
 		    unsigned int client_host_key_bits,
-		    BIGNUM *client_host_key_e, BIGNUM *client_host_key_n,
-		    int ignore_rhosts, int strict_modes)
+		    BIGNUM *client_host_key_e, BIGNUM *client_host_key_n)
 {
+  extern ServerOptions options;
   const char *canonical_hostname;
   HostStatus host_status;
   BIGNUM *ke, *kn;
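Review bot: The block-scope `extern ServerOptions options;` at the top of auth_rhosts_rsa hides the function's new dependency on global server configuration, and the shortened header comment no longer says which settings change the outcome. Declaring the extern once in a shared header would let the compiler check it against the definition instead of trusting a local redeclaration. The header comment could gain a line such as `Honours options.ignore_rhosts, options.strict_modes and options.ignore_user_known_hosts.` The function body continues outside this hunk.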
@@ -38,7 +38,7 @@
   debug("Trying rhosts with RSA host authentication for %.100s", client_user);
 
   /* Check if we would accept it using rhosts authentication. */
-  if (!auth_rhosts(pw, client_user, ignore_rhosts, strict_modes))
+  if (!auth_rhosts(pw, client_user, options.ignore_rhosts, options.strict_modes))
     return 0;
 
   canonical_hostname = get_canonical_hostname();
@@ -53,13 +53,14 @@
   host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
 				       client_host_key_bits, client_host_key_e,
 				       client_host_key_n, ke, kn);
-  /* Check user host file. */
-  if (host_status != HOST_OK) {
+
+  /* Check user host file unless ignored. */
+  if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
     struct stat st;
     char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
     /* Check file permissions of SSH_USER_HOSTFILE,
        auth_rsa() did already check pw->pw_dir, but there is a race XXX */
-    if (strict_modes &&
+    if (options.strict_modes &&
 	(stat(user_hostfile, &st) == 0) &&
 	((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 	(st.st_mode & 022) != 0)) {
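Review bot: The new `!options.ignore_user_known_hosts` test skips the per-user host file without saying so, and the comment does not explain why an administrator would want that. As far as this hunk shows, a refused RhostsRSA login leaves no trace of whether the user's file was consulted; a `debug()` call on the skipped path would make that visible. The comment could state the trust decision directly: `/* Check user host file unless ignored; with IgnoreUserKnownHosts only keys in SSH_SYSTEM_HOSTFILE can vouch for the client host. */`. The stat-then-use race on user_hostfile that the existing XXX comment records is left in place by this change, and the rest of the block is outside the hunk.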
diff --git a/servconf.c b/servconf.c
index d7f54a6..b1e5263 100644
--- a/servconf.c
+++ b/servconf.c
@@ -12,7 +12,7 @@
 */
 
 #include "includes.h"
-RCSID("$Id: servconf.c,v 1.2 1999/11/11 06:57:39 damien Exp $");
+RCSID("$Id: servconf.c,v 1.3 1999/11/12 00:33:04 damien Exp $");
 
 #include "ssh.h"
 #include "servconf.h"
@@ -31,6 +31,7 @@
   options->key_regeneration_time = -1;
   options->permit_root_login = -1;
   options->ignore_rhosts = -1;
+  options->ignore_user_known_hosts = -1;
   options->print_motd = -1;
   options->check_mail = -1;
   options->x11_forwarding = -1;
@@ -88,6 +89,8 @@
     options->permit_root_login = 1;		 /* yes */
   if (options->ignore_rhosts == -1)
     options->ignore_rhosts = 0;
+  if (options->ignore_user_known_hosts == -1)
+    options->ignore_user_known_hosts = 0;
   if (options->check_mail == -1)
     options->check_mail = 0;
   if (options->print_motd == -1)
@@ -156,8 +159,8 @@
   sPasswordAuthentication, sListenAddress,
   sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
   sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
-  sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups
-
+  sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+  sIgnoreUserKnownHosts
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -195,6 +198,7 @@
   { "listenaddress", sListenAddress },
   { "printmotd", sPrintMotd },
   { "ignorerhosts", sIgnoreRhosts },
+  { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
   { "x11forwarding", sX11Forwarding },
   { "x11displayoffset", sX11DisplayOffset },
   { "strictmodes", sStrictModes },
@@ -402,7 +406,11 @@
 	  if (*intptr == -1)
 	    *intptr = value;
 	  break;
-	  
+
+	case sIgnoreUserKnownHosts:
+	  intptr = &options->ignore_user_known_hosts;
+	  goto parse_int;
+
 	case sRhostsAuthentication:
 	  intptr = &options->rhosts_authentication;
 	  goto parse_flag;
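Review bot: `case sIgnoreUserKnownHosts` jumps to `parse_int`, while the boolean option right below it uses `goto parse_flag`, and both sshd.8 and the sample sshd_config in this commit give the value as yes/no. The body of parse_int is outside the hunk, but if it expects a number, `IgnoreUserKnownHosts yes` would be rejected or misread, and an administrator trying to restrict RhostsRSA to the system host file would not get the setting they asked for. The jump should be `goto parse_flag;`.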
diff --git a/servconf.h b/servconf.h
index 584935b..e16f3d0 100644
--- a/servconf.h
+++ b/servconf.h
@@ -13,7 +13,7 @@
 
 */
 
-/* RCSID("$Id: servconf.h,v 1.2 1999/11/11 06:57:40 damien Exp $"); */
+/* RCSID("$Id: servconf.h,v 1.3 1999/11/12 00:33:04 damien Exp $"); */
 
 #ifndef SERVCONF_H
 #define SERVCONF_H
@@ -33,6 +33,7 @@
   int key_regeneration_time;	/* Server key lifetime (seconds). */
   int permit_root_login;	/* If true, permit root login. */
   int ignore_rhosts;		/* Ignore .rhosts and .shosts. */
+  int ignore_user_known_hosts;	/* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */
   int print_motd;		/* If true, print /etc/motd. */
   int check_mail;               /* If true, check for new mail. */
   int x11_forwarding;		/* If true, permit inet (spoofing) X11 fwd. */
diff --git a/ssh.h b/ssh.h
index da818b2..f336213 100644
--- a/ssh.h
+++ b/ssh.h
@@ -13,7 +13,7 @@
 
 */
 
-/* RCSID("$Id: ssh.h,v 1.10 1999/11/11 06:57:40 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.11 1999/11/12 00:33:04 damien Exp $"); */
 
 #ifndef SSH_H
 #define SSH_H
@@ -138,8 +138,8 @@
 #define SSH_AUTHSOCKET_ENV_NAME	"SSH_AUTH_SOCK"
 
 /* Name of the environment variable containing the pathname of the
-	authentication socket. */
-#define SSH_AGENTPID_ENV_NAME  "SSH_AGENT_PID"
+   authentication socket. */
+#define SSH_AGENTPID_ENV_NAME	"SSH_AGENT_PID"
 
 /* Force host key length and server key length to differ by at least this
    many bits.  This is to make double encryption with rsaref work. */
@@ -334,8 +334,7 @@
    its host key.  Returns true if authentication succeeds. */
 int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
 		    unsigned int bits, BIGNUM *client_host_key_e,
-		    BIGNUM *client_host_key_n, int ignore_rhosts,
-		    int strict_modes);
+		    BIGNUM *client_host_key_n);
 
 /* Tries to authenticate the user using password.  Returns true if
    authentication succeeds. */
diff --git a/sshd.8 b/sshd.8
index 20e9712..e9a09f4 100644
--- a/sshd.8
+++ b/sshd.8
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: sshd.8,v 1.6 1999/11/11 06:57:40 damien Exp $
+.\" $Id: sshd.8,v 1.7 1999/11/12 00:33:04 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSHD 8
@@ -245,6 +245,15 @@
 .Pa /etc/ssh/shosts.equiv 
 are still used.  The default is 
 .Dq no .
+.It Cm IgnoreUserKnownHosts
+Specifies whether
+.Nm
+should ignore the user's
+.Pa $HOME/.ssh/known_hosts
+during
+.Cm RhostsRSAAuthentication .
+The default is
+.Dq no .
 .It Cm KeepAlive
 Specifies whether the system should send keepalive messages to the
 other side.  If they are sent, death of the connection or crash of one
diff --git a/sshd.c b/sshd.c
index 5952600..7cc24cd 100644
--- a/sshd.c
+++ b/sshd.c
@@ -18,7 +18,7 @@
 */
 
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.15 1999/11/11 21:49:09 damien Exp $");
+RCSID("$Id: sshd.c,v 1.16 1999/11/12 00:33:04 damien Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1394,11 +1394,8 @@
 	    packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
 	  }
 
-	  /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
 	  if (auth_rhosts_rsa(pw, client_user,
-			      client_host_key_bits, client_host_key_e,
-			      client_host_key_n, options.ignore_rhosts,
-			      options.strict_modes))
+			      client_host_key_bits, client_host_key_e, client_host_key_n))
 	    {
 	      /* Authentication accepted. */
 	      authenticated = 1;
diff --git a/sshd_config b/sshd_config
index 42c3244..791fd13 100644
--- a/sshd_config
+++ b/sshd_config
@@ -11,13 +11,13 @@
 #
 # Loglevel replaces QuietMode and FascistLogging
 #
+SyslogFacility AUTH
 LogLevel INFO
 
 #
 # Don't read ~/.rhosts and ~/.shosts files
-IgnoreRhosts yes
 StrictModes yes
-X11Forwarding yes
+X11Forwarding no
 X11DisplayOffset 10
 FascistLogging no
 PrintMotd yes
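Review bot: Moving `IgnoreRhosts yes` further down leaves the comment `# Don't read ~/.rhosts and ~/.shosts files` behind, and it now sits directly above `StrictModes yes`, which reads as if StrictModes controlled rhosts handling. Drop the orphaned comment here, since the next hunk re-adds it above the moved `IgnoreRhosts` line. Alternatively, replace it with one that describes the option it now heads, for example `# Check ownership and modes of the user's files before trusting them`.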
@@ -32,6 +32,16 @@
 #
 RhostsRSAAuthentication no
 
+#
+# Don't read ~/.rhosts and ~/.shosts files
+#
+IgnoreRhosts yes
+
+#
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#
+#IgnoreUserKnownHosts yes
+
 RSAAuthentication yes
 
 # To disable tunneled clear text passwords, change to no here!