summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-11-12 11:33:04 +1100
committerDamien Miller <djm@mindrot.org>1999-11-12 11:33:04 +1100
commit322650927bec37d850a3ab72f82bda1cd49b09e4 (patch)
treecb0bd087fb2f709f4d070221479249d8102e14bf
parent776af5de4f7f2aa938cdd17bf85a9c891ce7dbd9 (diff)
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok deraadt,millert - Brought default sshd_config more in line with OpenBSDs
-rw-r--r--ChangeLog4
-rw-r--r--auth-rh-rsa.c19
-rw-r--r--servconf.c16
-rw-r--r--servconf.h3
-rw-r--r--ssh.h9
-rw-r--r--sshd.811
-rw-r--r--sshd.c7
-rw-r--r--sshd_config14
8 files changed, 56 insertions, 27 deletions
diff --git a/ChangeLog b/ChangeLog
index 2d702dca..a1e2cac8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,10 @@
19991112
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
+ - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
+ IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
+ deraadt,millert
+ - Brought default sshd_config more in line with OpenBSD's
19991111
- Added (untested) Entropy Gathering Daemon (EGD) support
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index ee6af218..b6f1d6c7 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -15,22 +15,22 @@ authentication.
*/
#include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.2 1999/11/11 00:43:13 damien Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.3 1999/11/12 00:33:04 damien Exp $");
#include "packet.h"
#include "ssh.h"
#include "xmalloc.h"
#include "uidswap.h"
+#include "servconf.h"
/* Tries to authenticate the user using the .rhosts file and the host using
- its host key. Returns true if authentication succeeds.
- .rhosts and .shosts will be ignored if ignore_rhosts is non-zero. */
+ its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int client_host_key_bits,
- BIGNUM *client_host_key_e, BIGNUM *client_host_key_n,
- int ignore_rhosts, int strict_modes)
+ BIGNUM *client_host_key_e, BIGNUM *client_host_key_n)
{
+ extern ServerOptions options;
const char *canonical_hostname;
HostStatus host_status;
BIGNUM *ke, *kn;
@@ -38,7 +38,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
debug("Trying rhosts with RSA host authentication for %.100s", client_user);
/* Check if we would accept it using rhosts authentication. */
- if (!auth_rhosts(pw, client_user, ignore_rhosts, strict_modes))
+ if (!auth_rhosts(pw, client_user, options.ignore_rhosts, options.strict_modes))
return 0;
canonical_hostname = get_canonical_hostname();
@@ -53,13 +53,14 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname,
client_host_key_bits, client_host_key_e,
client_host_key_n, ke, kn);
- /* Check user host file. */
- if (host_status != HOST_OK) {
+
+ /* Check user host file unless ignored. */
+ if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
struct stat st;
char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
/* Check file permissions of SSH_USER_HOSTFILE,
auth_rsa() did already check pw->pw_dir, but there is a race XXX */
- if (strict_modes &&
+ if (options.strict_modes &&
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
diff --git a/servconf.c b/servconf.c
index d7f54a62..b1e52638 100644
--- a/servconf.c
+++ b/servconf.c
@@ -12,7 +12,7 @@ Created: Mon Aug 21 15:48:58 1995 ylo
*/
#include "includes.h"
-RCSID("$Id: servconf.c,v 1.2 1999/11/11 06:57:39 damien Exp $");
+RCSID("$Id: servconf.c,v 1.3 1999/11/12 00:33:04 damien Exp $");
#include "ssh.h"
#include "servconf.h"
@@ -31,6 +31,7 @@ void initialize_server_options(ServerOptions *options)
options->key_regeneration_time = -1;
options->permit_root_login = -1;
options->ignore_rhosts = -1;
+ options->ignore_user_known_hosts = -1;
options->print_motd = -1;
options->check_mail = -1;
options->x11_forwarding = -1;
@@ -88,6 +89,8 @@ void fill_default_server_options(ServerOptions *options)
options->permit_root_login = 1; /* yes */
if (options->ignore_rhosts == -1)
options->ignore_rhosts = 0;
+ if (options->ignore_user_known_hosts == -1)
+ options->ignore_user_known_hosts = 0;
if (options->check_mail == -1)
options->check_mail = 0;
if (options->print_motd == -1)
@@ -156,8 +159,8 @@ typedef enum
sPasswordAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
- sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups
-
+ sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+ sIgnoreUserKnownHosts
} ServerOpCodes;
/* Textual representation of the tokens. */
@@ -195,6 +198,7 @@ static struct
{ "listenaddress", sListenAddress },
{ "printmotd", sPrintMotd },
{ "ignorerhosts", sIgnoreRhosts },
+ { "ignoreuserknownhosts", sIgnoreUserKnownHosts },
{ "x11forwarding", sX11Forwarding },
{ "x11displayoffset", sX11DisplayOffset },
{ "strictmodes", sStrictModes },
@@ -402,7 +406,11 @@ void read_server_config(ServerOptions *options, const char *filename)
if (*intptr == -1)
*intptr = value;
break;
-
+
+ case sIgnoreUserKnownHosts:
+ intptr = &options->ignore_user_known_hosts;
+ goto parse_int;
+
case sRhostsAuthentication:
intptr = &options->rhosts_authentication;
goto parse_flag;
diff --git a/servconf.h b/servconf.h
index 584935ba..e16f3d04 100644
--- a/servconf.h
+++ b/servconf.h
@@ -13,7 +13,7 @@ Definitions for server configuration data and for the functions reading it.
*/
-/* RCSID("$Id: servconf.h,v 1.2 1999/11/11 06:57:40 damien Exp $"); */
+/* RCSID("$Id: servconf.h,v 1.3 1999/11/12 00:33:04 damien Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
@@ -33,6 +33,7 @@ typedef struct
int key_regeneration_time; /* Server key lifetime (seconds). */
int permit_root_login; /* If true, permit root login. */
int ignore_rhosts; /* Ignore .rhosts and .shosts. */
+ int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */
int print_motd; /* If true, print /etc/motd. */
int check_mail; /* If true, check for new mail. */
int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */
diff --git a/ssh.h b/ssh.h
index da818b22..f3362132 100644
--- a/ssh.h
+++ b/ssh.h
@@ -13,7 +13,7 @@ Generic header file for ssh.
*/
-/* RCSID("$Id: ssh.h,v 1.10 1999/11/11 06:57:40 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.11 1999/11/12 00:33:04 damien Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -138,8 +138,8 @@ only by root, whereas ssh_config should be world-readable. */
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
/* Name of the environment variable containing the pathname of the
- authentication socket. */
-#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
+ authentication socket. */
+#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
/* Force host key length and server key length to differ by at least this
many bits. This is to make double encryption with rsaref work. */
@@ -334,8 +334,7 @@ int auth_rhosts(struct passwd *pw, const char *client_user,
its host key. Returns true if authentication succeeds. */
int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
unsigned int bits, BIGNUM *client_host_key_e,
- BIGNUM *client_host_key_n, int ignore_rhosts,
- int strict_modes);
+ BIGNUM *client_host_key_n);
/* Tries to authenticate the user using password. Returns true if
authentication succeeds. */
diff --git a/sshd.8 b/sshd.8
index 20e9712a..e9a09f43 100644
--- a/sshd.8
+++ b/sshd.8
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: sshd.8,v 1.6 1999/11/11 06:57:40 damien Exp $
+.\" $Id: sshd.8,v 1.7 1999/11/12 00:33:04 damien Exp $
.\"
.Dd September 25, 1999
.Dt SSHD 8
@@ -245,6 +245,15 @@ and
.Pa /etc/ssh/shosts.equiv
are still used. The default is
.Dq no .
+.It Cm IgnoreUserKnownHosts
+Specifies whether
+.Nm
+should ignore the user's
+.Pa $HOME/.ssh/known_hosts
+during
+.Cm RhostsRSAAuthentication .
+The default is
+.Dq no .
.It Cm KeepAlive
Specifies whether the system should send keepalive messages to the
other side. If they are sent, death of the connection or crash of one
diff --git a/sshd.c b/sshd.c
index 59526007..7cc24cd1 100644
--- a/sshd.c
+++ b/sshd.c
@@ -18,7 +18,7 @@ agent connections.
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.15 1999/11/11 21:49:09 damien Exp $");
+RCSID("$Id: sshd.c,v 1.16 1999/11/12 00:33:04 damien Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -1394,11 +1394,8 @@ do_authentication(char *user, int privileged_port)
packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
}
- /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
if (auth_rhosts_rsa(pw, client_user,
- client_host_key_bits, client_host_key_e,
- client_host_key_n, options.ignore_rhosts,
- options.strict_modes))
+ client_host_key_bits, client_host_key_e, client_host_key_n))
{
/* Authentication accepted. */
authenticated = 1;
diff --git a/sshd_config b/sshd_config
index 42c3244b..791fd13b 100644
--- a/sshd_config
+++ b/sshd_config
@@ -11,13 +11,13 @@ PermitRootLogin yes
#
# Loglevel replaces QuietMode and FascistLogging
#
+SyslogFacility AUTH
LogLevel INFO
#
# Don't read ~/.rhosts and ~/.shosts files
-IgnoreRhosts yes
StrictModes yes
-X11Forwarding yes
+X11Forwarding no
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
@@ -32,6 +32,16 @@ RhostsAuthentication no
#
RhostsRSAAuthentication no
+#
+# Don't read ~/.rhosts and ~/.shosts files
+#
+IgnoreRhosts yes
+
+#
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#
+#IgnoreUserKnownHosts yes
+
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!