Bug#211334: Option to have ssh client installed setuid root

To: Colin Watson <cjwatson@debian.org>
Cc: 211334@bugs.debian.org
Subject: Bug#211334: Option to have ssh client installed setuid root
From: Peter Harvey <pah06@uow.edu.au>
Date: Thu, 18 Sep 2003 11:06:22 +1000
Message-id: <[🔎] 1063847181.909.9.camel@localhost>
Reply-to: Peter Harvey <pah06@uow.edu.au>, 211334@bugs.debian.org
In-reply-to: <[🔎] 20030917232515.GC14314@riva.ucam.org>
References: <[🔎] 1063772576.901.8.camel@localhost> <[🔎] 20030917232515.GC14314@riva.ucam.org>

On Thu, 2003-09-18 at 09:25, Colin Watson wrote:

>  If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2
>  host-based authentication.
> 
> > >From http://www.openssh.org/faq.html#2.2 :
> 
> I think that's out of date. Note that ssh-keysign was broken in
> 1:3.4p1-1.1, but this is fixed in 1:3.4p1-1.woody.2.
> 

All I can say is that hostbased authentication refused to work for me
with fairly recent packages, even with ssh-keysign suid. If I set ssh to
suid root it immediately started working.

You are right though: the latest packages (1:3.4p1-1.woody.2) work
properly without having ssh suid. So this bug is now dead.

Thanks,
Peter Harvey.

Reply to:

References:
- Bug#211334: Option to have ssh client installed setuid root
  - From: Peter Harvey <pah06@uow.edu.au>
- Bug#211334: Option to have ssh client installed setuid root
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Processed: ssh is not unusable
Next by Date: Bug#211334: marked as done (Option to have ssh client installed setuid root)
Previous by thread: Bug#211334: Option to have ssh client installed setuid root
Next by thread: Bug#211334: marked as done (Option to have ssh client installed setuid root)
Index(es):
- Date
- Thread