- stevesk@cvs.openbsd.org 2002/08/29 16:09:02

[ssh_config.5]
     more on UsePrivilegedPort and setuid root; ok markus@

ChangeLog

@@ -45,6 +45,9 @@
    - stevesk@cvs.openbsd.org 2002/08/29 16:02:54
      [ssh.1 ssh.c]
      deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
+   - stevesk@cvs.openbsd.org 2002/08/29 16:09:02
+     [ssh_config.5]
+     more on UsePrivilegedPort and setuid root; ok markus@
 
 20020820
  - OpenBSD CVS Sync
@@ -1586,4 +1589,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2439 2002/09/04 06:46:06 djm Exp $
+$Id: ChangeLog,v 1.2440 2002/09/04 06:47:35 djm Exp $

ssh_config.5

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.3 2002/08/27 17:18:40 stevesk Exp $
+.\" $OpenBSD: ssh_config.5,v 1.4 2002/08/29 16:09:02 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -511,7 +511,12 @@ or
 .Dq no .
 The default is
 .Dq no .
-This option applies to protocol version 1 only.
+This option applies to protocol version 1 only and requires
+.Nm ssh
+to be setuid root and
+.Cm UsePrivilegedPort
+to be set to
+.Dq yes .
 .It Cm RhostsRSAAuthentication
 Specifies whether to try rhosts based authentication with RSA host
 authentication.
@@ -586,6 +591,10 @@ or
 .Dq no .
 The default is
 .Dq no .
+If set to
+.Dq yes
+.Nm ssh
+must be setuid root.
 Note that this option must be set to
 .Dq yes
 if