On Fri, Nov 07, 2014 at 09:14:05PM -0500, System Administrator wrote: > In OpenBSD 5.6, the prototype and man-page for hosts.equiv(5) have > disappeared. However, this file is still referenced in sshd_config(5) > and (if I'm searching the sources correctly) in /usr/src/usr.bin/ssh > auth-rhosts.c which is included in the sshd/Makefile. > > Is the removal accidental or an indication that its use is deprecated? > If the latter, what is the [new] recommended "best practices" for > HostBasedAuthentication within a cluster of trusted servers? > > Thanks in advance. >
hi! back in april i asked about the refs to this file in the ssh docs. damien miller told me hosts.equiv is still relevant to "host-based logins using key authentication", and that the reference should definitely stay. and the removal of hosts.equiv(5) was not accidental. i couldn;t comment on "best practices", but i believe the docs are correct. it could be that ssh(1) etc. need to explain a bit more about how hosts.equiv work, but i'm not sure. jmc
