From 9cf07a6ebf3f96d7837fc6bafc52165d6dfb7368 Mon Sep 17 00:00:00 2001 From: mouring Date: Tue, 11 Jun 2002 15:50:13 +0000 Subject: [PATCH] - stevesk@cvs.openbsd.org 2002/06/10 16:56:30 [ssh-keysign.8] merge in stuff from my man page; ok markus@ --- ChangeLog | 3 +++ ssh-keysign.8 | 23 ++++++++++++++++------- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 38f7e785..4518164a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,9 @@ - stevesk@cvs.openbsd.org 2002/06/10 16:53:06 [auth-rsa.c ssh-rsa.c] display minimum RSA modulus in error(); ok markus@ + - stevesk@cvs.openbsd.org 2002/06/10 16:56:30 + [ssh-keysign.8] + merge in stuff from my man page; ok markus@ 20020609 - (bal) OpenBSD CVS Sync diff --git a/ssh-keysign.8 b/ssh-keysign.8 index fccbd7c2..ab2cf21b 100644 --- a/ssh-keysign.8 +++ b/ssh-keysign.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.1 2002/05/25 08:16:59 markus Exp $ +.\" $OpenBSD: ssh-keysign.8,v 1.2 2002/06/10 16:56:30 stevesk Exp $ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -29,16 +29,13 @@ .Nm ssh-keysign .Nd ssh helper program for hostbased authentication .Sh SYNOPSIS -.Nm ssh-keysign +.Nm .Sh DESCRIPTION .Nm is used by .Xr ssh 1 -to access the local host keys during hostbased authentication with -SSH protocol version 2. -Since the host keys are readable only by root -.Nm -must be setuid root. +to access the local host keys and generate the digital signature +required during hostbased authentication with SSH protocol version 2. .Nm is not intended to be invoked by the user, but from .Xr ssh 1 . @@ -47,8 +44,20 @@ See and .Xr sshd 8 for more information about hostbased authentication. +.Sh FILES +.Bl -tag -width Ds +.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key +These files contain the private parts of the host keys used to +generate the digital signature. They +should be owned by root, readable only by root, and not +accessible to others. +Since they are readable only by root, +.Nm +must be set-uid root if hostbased authentication is used. +.El .Sh SEE ALSO .Xr ssh 1 , +.Xr ssh-keygen 1 , .Xr sshd 8 .Sh AUTHORS Markus Friedl -- 2.45.1