[EMAIL PROTECTED] wrote:
> Please state why, exactly, this is the case. rhosts-rsa already
> authenticates based on (IP, RSA-key). How is (IP, RSA-key, sport <1024)
> any more or less secure? Either the key is secure, or it isn't. It has
> nothing whatsoever to do with the source port.
After successful rhosts-RSA authentication, the server trusts the user
name passed to it by the client. If any client port is allowed, then any
user who can log into the client machine could run their own SSH client
patched to pass any desired user name. If only privileged client ports are
allowed, then the user can only use an ssh client that has been installed
suid root; such a client is presumably trusted to pass the correct user
name.
I suppose rhosts-RSA authentication isn't completely useless without the
privileged-port restriction, but it's much less useful since the server
would basically have to ignore the passed user name.
Rob
--
[Robert O'Callahan http://www.cs.cmu.edu/~roc 6th year CMU CS PhD student
"Now when Joshua was near Jericho, he looked up and saw a man standing in
front of him with a drawn sword in his hand. Joshua went up to him and
asked, 'Are you for us or for our enemies?' 'Neither,' he replied, 'but
as commander of the army of the LORD I have now come.'" - Joshua 5:13-14]
