diff --git a/ChangeLog b/ChangeLog index 33b585867..26d4142cf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -45,6 +45,9 @@ - stevesk@cvs.openbsd.org 2002/08/29 16:02:54 [ssh.1 ssh.c] deprecate -P as UsePrivilegedPort defaults to no now; ok markus@ + - stevesk@cvs.openbsd.org 2002/08/29 16:09:02 + [ssh_config.5] + more on UsePrivilegedPort and setuid root; ok markus@ 20020820 - OpenBSD CVS Sync @@ -1586,4 +1589,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2439 2002/09/04 06:46:06 djm Exp $ +$Id: ChangeLog,v 1.2440 2002/09/04 06:47:35 djm Exp $ diff --git a/ssh_config.5 b/ssh_config.5 index 82eda0a18..625bf6281 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.3 2002/08/27 17:18:40 stevesk Exp $ +.\" $OpenBSD: ssh_config.5,v 1.4 2002/08/29 16:09:02 stevesk Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -511,7 +511,12 @@ or .Dq no . The default is .Dq no . -This option applies to protocol version 1 only. +This option applies to protocol version 1 only and requires +.Nm ssh +to be setuid root and +.Cm UsePrivilegedPort +to be set to +.Dq yes . .It Cm RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA host authentication. @@ -586,6 +591,10 @@ or .Dq no . The default is .Dq no . +If set to +.Dq yes +.Nm ssh +must be setuid root. Note that this option must be set to .Dq yes if