- [sshd.c] session_key_int may be zero
- [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
deraadt,millert
- Brought default sshd_config more in line with OpenBSDs
19991112
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
19991112
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
+ - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
+ IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
+ deraadt,millert
+ - Brought default sshd_config more in line with OpenBSD's
19991111
- Added (untested) Entropy Gathering Daemon (EGD) support
19991111
- Added (untested) Entropy Gathering Daemon (EGD) support
#include "ssh.h"
#include "xmalloc.h"
#include "uidswap.h"
#include "ssh.h"
#include "xmalloc.h"
#include "uidswap.h"
/* Tries to authenticate the user using the .rhosts file and the host using
/* Tries to authenticate the user using the .rhosts file and the host using
- its host key. Returns true if authentication succeeds.
- .rhosts and .shosts will be ignored if ignore_rhosts is non-zero. */
+ its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int client_host_key_bits,
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int client_host_key_bits,
- BIGNUM *client_host_key_e, BIGNUM *client_host_key_n,
- int ignore_rhosts, int strict_modes)
+ BIGNUM *client_host_key_e, BIGNUM *client_host_key_n)
+ extern ServerOptions options;
const char *canonical_hostname;
HostStatus host_status;
BIGNUM *ke, *kn;
const char *canonical_hostname;
HostStatus host_status;
BIGNUM *ke, *kn;
debug("Trying rhosts with RSA host authentication for %.100s", client_user);
/* Check if we would accept it using rhosts authentication. */
debug("Trying rhosts with RSA host authentication for %.100s", client_user);
/* Check if we would accept it using rhosts authentication. */
- if (!auth_rhosts(pw, client_user, ignore_rhosts, strict_modes))
+ if (!auth_rhosts(pw, client_user, options.ignore_rhosts, options.strict_modes))
return 0;
canonical_hostname = get_canonical_hostname();
return 0;
canonical_hostname = get_canonical_hostname();
host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
client_host_key_bits, client_host_key_e,
client_host_key_n, ke, kn);
host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
client_host_key_bits, client_host_key_e,
client_host_key_n, ke, kn);
- /* Check user host file. */
- if (host_status != HOST_OK) {
+
+ /* Check user host file unless ignored. */
+ if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
struct stat st;
char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
/* Check file permissions of SSH_USER_HOSTFILE,
auth_rsa() did already check pw->pw_dir, but there is a race XXX */
struct stat st;
char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
/* Check file permissions of SSH_USER_HOSTFILE,
auth_rsa() did already check pw->pw_dir, but there is a race XXX */
+ if (options.strict_modes &&
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
options->key_regeneration_time = -1;
options->permit_root_login = -1;
options->ignore_rhosts = -1;
options->key_regeneration_time = -1;
options->permit_root_login = -1;
options->ignore_rhosts = -1;
+ options->ignore_user_known_hosts = -1;
options->print_motd = -1;
options->check_mail = -1;
options->x11_forwarding = -1;
options->print_motd = -1;
options->check_mail = -1;
options->x11_forwarding = -1;
options->permit_root_login = 1; /* yes */
if (options->ignore_rhosts == -1)
options->ignore_rhosts = 0;
options->permit_root_login = 1; /* yes */
if (options->ignore_rhosts == -1)
options->ignore_rhosts = 0;
+ if (options->ignore_user_known_hosts == -1)
+ options->ignore_user_known_hosts = 0;
if (options->check_mail == -1)
options->check_mail = 0;
if (options->print_motd == -1)
if (options->check_mail == -1)
options->check_mail = 0;
if (options->print_motd == -1)
sPasswordAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
sPasswordAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
- sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups
-
+ sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+ sIgnoreUserKnownHosts
} ServerOpCodes;
/* Textual representation of the tokens. */
} ServerOpCodes;
/* Textual representation of the tokens. */
{ "listenaddress", sListenAddress },
{ "printmotd", sPrintMotd },
{ "ignorerhosts", sIgnoreRhosts },
{ "listenaddress", sListenAddress },
{ "printmotd", sPrintMotd },
{ "ignorerhosts", sIgnoreRhosts },
+ { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
{ "x11forwarding", sX11Forwarding },
{ "x11displayoffset", sX11DisplayOffset },
{ "strictmodes", sStrictModes },
{ "x11forwarding", sX11Forwarding },
{ "x11displayoffset", sX11DisplayOffset },
{ "strictmodes", sStrictModes },
if (*intptr == -1)
*intptr = value;
break;
if (*intptr == -1)
*intptr = value;
break;
+
+ case sIgnoreUserKnownHosts:
+ intptr = &options->ignore_user_known_hosts;
+ goto parse_int;
+
case sRhostsAuthentication:
intptr = &options->rhosts_authentication;
goto parse_flag;
case sRhostsAuthentication:
intptr = &options->rhosts_authentication;
goto parse_flag;
int key_regeneration_time; /* Server key lifetime (seconds). */
int permit_root_login; /* If true, permit root login. */
int ignore_rhosts; /* Ignore .rhosts and .shosts. */
int key_regeneration_time; /* Server key lifetime (seconds). */
int permit_root_login; /* If true, permit root login. */
int ignore_rhosts; /* Ignore .rhosts and .shosts. */
+ int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */
int print_motd; /* If true, print /etc/motd. */
int check_mail; /* If true, check for new mail. */
int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */
int print_motd; /* If true, print /etc/motd. */
int check_mail; /* If true, check for new mail. */
int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
/* Name of the environment variable containing the pathname of the
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
/* Name of the environment variable containing the pathname of the
- authentication socket. */
-#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
+ authentication socket. */
+#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
/* Force host key length and server key length to differ by at least this
many bits. This is to make double encryption with rsaref work. */
/* Force host key length and server key length to differ by at least this
many bits. This is to make double encryption with rsaref work. */
its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int bits, BIGNUM *client_host_key_e,
its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int bits, BIGNUM *client_host_key_e,
- BIGNUM *client_host_key_n, int ignore_rhosts,
- int strict_modes);
+ BIGNUM *client_host_key_n);
/* Tries to authenticate the user using password. Returns true if
authentication succeeds. */
/* Tries to authenticate the user using password. Returns true if
authentication succeeds. */
.Pa /etc/ssh/shosts.equiv
are still used. The default is
.Dq no .
.Pa /etc/ssh/shosts.equiv
are still used. The default is
.Dq no .
+.It Cm IgnoreUserKnownHosts
+Specifies whether
+.Nm
+should ignore the user's
+.Pa $HOME/.ssh/known_hosts
+during
+.Cm RhostsRSAAuthentication .
+The default is
+.Dq no .
.It Cm KeepAlive
Specifies whether the system should send keepalive messages to the
other side. If they are sent, death of the connection or crash of one
.It Cm KeepAlive
Specifies whether the system should send keepalive messages to the
other side. If they are sent, death of the connection or crash of one
packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
}
packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
}
- /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
if (auth_rhosts_rsa(pw, client_user,
if (auth_rhosts_rsa(pw, client_user,
- client_host_key_bits, client_host_key_e,
- client_host_key_n, options.ignore_rhosts,
- options.strict_modes))
+ client_host_key_bits, client_host_key_e, client_host_key_n))
{
/* Authentication accepted. */
authenticated = 1;
{
/* Authentication accepted. */
authenticated = 1;
#
# Loglevel replaces QuietMode and FascistLogging
#
#
# Loglevel replaces QuietMode and FascistLogging
#
LogLevel INFO
#
# Don't read ~/.rhosts and ~/.shosts files
LogLevel INFO
#
# Don't read ~/.rhosts and ~/.shosts files
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
#
RhostsRSAAuthentication no
#
RhostsRSAAuthentication no
+#
+# Don't read ~/.rhosts and ~/.shosts files
+#
+IgnoreRhosts yes
+
+#
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#
+#IgnoreUserKnownHosts yes
+
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
andersk / openssh.git / commitdiff
