Darren J Moffat wrote:
> Kyle McDonald wrote:
>> Reading the docs about the configuration settings that be set on
>> this, I had decided to try this combo:
>>
>> Protocol 2
>> HostbasedAuthentication yes
>> IgnoreRhosts yes
>>
>> There seem to be other (somewhat related) options, but unless I'm
>> reading things wrong, they only apply to Version 1 of the protocol.
>>
>> Is there a better way to do all this? Maybe I'm just missing something?
>> Any thoughts? advice?
>
> Are you saying this isn't working or are you just looking for general
> advice if it is sane or not ?
>
It appears to be working, except for root which ignores hosts.equiv, and
there are betters ways of doing that I think.
Especially since I want
> Did you follow the hostbased auth setup section in sshd(1M) man page ?
>
I read through the ssh{,d}_config manpages several times, and the ssh
and sshd manpages also. I did see that section, and followed the steps
there. As I said it works.
I'm curious about the ramifications of enabling this feature in my
environment, and what other settings are suggested to go along with this
feature?
One thing that wasn't clear in the manpages, is if SSH's processing of
hostnames in ~/.{r,s}hosts and /etc/{s,}hosts.equiv files is case
sensitive or not. RSH was, but DNS is not, although reverse DNS is
case-preserving.
I haven't done enough testing now that I have it working to have figured
it out, but some mention of it in the manpages would have helped.
-Kyle
