From: David J. DeWolfe (sxdjd@ts.sois.alaska.edu)
Date: Thu Jan 30 2003 - 14:20:10 EST
All;
We, the University of Alaska, use the commercial version of SSH (not
openSSH) and have been doing so for some time now. Then we heard that
HP/Compaq was distributing a version of SSH based on the comercial version.
The interesting piece was the "EnforceSecureRutils" bit by which you could
secure rsh/rcp etc. However, when we compile ssh we include support for TCP
wrappers. I opened a call with support yesterday and was told that the HP
version of SSH was strictly a binary release so we could not compile/link a
custom executable with wrapper support if we wanted to use it.
Now for my question, it would appear that the EnforceSecureRutils
configuration parameter is something that HP/Compaq added to "their"
version of SSH as I can find no reference to that parameter anywhere other
than on the HP website and in the docs that come with the HP version of
SSH. Does anyone know if that's a true statement? I'm guessing that it is
as when I tried it with my version of SSH, 3.2.2, it complained about it
being an "unrecognized configuration parameter".
We are aware of the facilities for restricting host and user access via SSH
itself we've just preferred to use wrappers instead. We may have to rethink
our position if indeed EnforceSecureRutils is an HP/Compaq add-on.
Thanks in advance for any information.
David
mailto:sxdjd@ts.sois.alaska.edu
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:49:06 EDT