Re: rhosts/shosts handling in sshd

Hi Thomas,

Thomas Koeller wrote on Sun, Dec 18, 2022 at 03:30:26PM +0100:

> after much trying and code-digging I found that hostbased authentication 
> for root is handled differently than for other users. This is from 
> auth-rhosts.c:
> 
>      236         /*
>      237          * If not logging in as superuser, try /etc/hosts.equiv and
>      238          * shosts.equiv.
>      239          */
>      240         if (pw->pw_uid == 0)
>      241                 debug3_f("root user, ignoring system hosts files");
>      242         else {
> 
> This behavior is apparently not documented anywhere,

My impression is that it *is* documented.

  https://man.openbsd.org/ssh.1#AUTHENTICATION

tells me:

  Host-based authentication works as follows: If the machine the user
  logs in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on
  the remote machine, the user is non-root and [...]

> and I just cannot think of a reason why this is done.

Host-based authentication is a relatively risky authentication
method in the first place, so the security risk of host based
authentication for root access is considered too great for providing
the feature.

For example, that prevents local root exploits on the client host
from turning right into remote root exploits on the server, and there
may be other attack scenarios somewhat mitigated by not providing
the dangerous feature.

> Can someone enlighten me?

Hope this helps,
  Ingo
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev