https://bugzilla.mindrot.org/show_bug.cgi?id=1903
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |[email protected] Resolution|--- |FIXED --- Comment #2 from Darren Tucker <[email protected]> --- We fixed this in a manner of speaking by removing support for running ssh as root and binding to a low-numbered ports in OpenSSH 7.8. https://www.openssh.com/releasenotes.html#7.8 says: """ * ssh(1): remove vestigal support for running ssh(1) as setuid. This used to be required for hostbased authentication and the (long gone) rhosts-style authentication, but has not been necessary for a long time. Attempting to execute ssh as a setuid binary, or with uid != effective uid will now yield a fatal error at runtime. """ For anyone still requiring the low-numbered port functionality for legacy reasons we recommend a small setuid helper ProxyCommand or some source-NAT trickery. Thanks for the report. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
