From: Andrew Chaplin (chaplina@canisius.edu)
Date: Mon May 03 2004 - 20:58:47 EDT
Client and server are running generic Solaris 9 patched to a recent
9_Recommended.
Both have OpenSSH 3.8p1. Sun's version of ssh has been completely removed
(including /etc/ssh). I've also explicitly disabled OpenSSH protocol 1.
Config files and keys are set properly to allow for hostbased auth.
Problem: hostbased authentication only works when the client has ssh suid root.
One of the OpenSSH devs suggested that for Solaris it could be hardcoded
that in order to connect to a server a privileged source port must be
used. There is a configuration file option for the ssh client which
determines whether a privileged source port is used, but by default this
is turned off. I've tested connecting with the option not in the config
file and also with it explicitly set in the config file.
My first question: is anybody running Solaris 9 and OpenSSH with hostbased
authentication? If not Solaris 9 then perhaps 2.6-8?
I'll summarize responses and include debug output if it's necessary to
pinpoint the problem/solution.
Thanks!
--------------------------------------------------------------------
Andrew Chaplin, System Administrator II
Information Technology Services, Canisius College, Buffalo, NY
mailto: chaplina@canisius.edu
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:35 EDT