On Mon, Jul 17, 2000 at 09:45:08PM -0400, [EMAIL PROTECTED] wrote:
>
> >> Why write back to priveleged ports anyway? Why not a port >= 1024?
>
> Markus> rhost-rsa authentication.
>
> The whole concept of "priveledged ports" is bogus. I just patched sshd to
> not care about the source port (as an option, of course :), and never
> install ssh setuid (and have the config not try to use priv ports).
it's a matter of trust.
no need to patch sshd, just disable rhosts-rsa authentication.
rhosts-rsa authentication without priveledged ports is useless.
> I _really_ wish the various ssh maintainers would accept this, change their
> code, and move on.
why should they remove rhosts-rsa authentication?
