- stevesk@cvs.openbsd.org 2002/08/29 16:09:02

     [ssh_config.5]
     more on UsePrivilegedPort and setuid root; ok markus@

diff --git a/ChangeLog b/ChangeLog
index 9054e59344118a30f4b560a164c2934a10f6ab0c..b376e957fd49e1e8c762ec28fb8780a23f9b84be 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@
    - stevesk@cvs.openbsd.org 2002/08/29 16:02:54
      [ssh.1 ssh.c]
      deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
+   - stevesk@cvs.openbsd.org 2002/08/29 16:09:02
+     [ssh_config.5]
+     more on UsePrivilegedPort and setuid root; ok markus@
 
 20020820
  - OpenBSD CVS Sync

diff --git a/ssh_config.5 b/ssh_config.5
index 82eda0a1838d48a997ce40fde4a7b1ca554b8fee..625bf62816a23c1519eb220ed40aa95c9fc9f232 100644 (file)
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.3 2002/08/27 17:18:40 stevesk Exp $
+.\" $OpenBSD: ssh_config.5,v 1.4 2002/08/29 16:09:02 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -511,7 +511,12 @@ or
 .Dq no .
 The default is
 .Dq no .
-This option applies to protocol version 1 only.
+This option applies to protocol version 1 only and requires
+.Nm ssh
+to be setuid root and
+.Cm UsePrivilegedPort
+to be set to
+.Dq yes .
 .It Cm RhostsRSAAuthentication
 Specifies whether to try rhosts based authentication with RSA host
 authentication.
@@ -586,6 +591,10 @@ or
 .Dq no .
 The default is
 .Dq no .
+If set to
+.Dq yes
+.Nm ssh
+must be setuid root.
 Note that this option must be set to
 .Dq yes
 if