> from the man page
> <configuration file (ssh.conf)>
> UsePrivilegedPort
> Specifies whether to use a privileged port for outgoing connec�
> tions. The argument must be ``yes'' or ``no''. The default is
> ``no''.
^^^^^^
So if the default is no, Scott, and ssh defaults to using unprivileged
ports, then I don't see the need to open low ports for ssh. I think the
user, in the special case where they decide to set this to yes, would then
want to modify their firewall. But I guess this is nitpicking.
<sigh>
The default used to be "yes". The problems caused, and the fact that almost
no one in their right mind even thinks about using rhosts authentication
these days, apparently caused the default to get set to "no".
Try Koon's ssh-1 for an example of an ssh that opens connections on a low
port by default. The newer OpenSSH doesn't have this behavior...
You're probalby not seeing much of the old behavior "in the wild" as it
were, due to the nasty CRC-32 bug in ssh, that's been making everyone update
to the latest version, but I've personally hit the "low port" problem many
times, prior to getting everything running recent versions of OpenSSH.
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
