>Mikael> Because if you use certificate based authentication as opposed to
>Mikael> password authentication, the server connects back to you at
>Mikael> port 1022. This was at least my experience when fiddling with
>Mikael> SSH and certificates on unix boxes a long time ago.
[EMAIL PROTECTED] said:
>
>Actually, it binds a priveledged port and connects to port 22. Said
>priveledged port can be anything from 1023 -> 512.
You can turn off the binding to a privileged port by turning off the RSH
compatibility. The only reason the privileged port is used is to support
RSH's source address/port authentication method. When I typically install
SSH, I turn this feature off. Then the ssh client does not need to run
setuid to root.
Smoot Carl-Mitchell
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
