Red Hat Bugzilla – Bug 71682
HostbasedAuthentication should be yes in ssh_config
Last modified: 2007-04-18 12:45:35 EDT
Description of problem:
The default value for ssh2 HostbasedAuthentication in ssh_config should be yes.
It is currently yes for RhostsRSAAuthentication which is the equivalent setting
This variable does not enable HostbasedAuthentication in the server but it just
has the client try HostbasedAuthentication whenever it is enabled in the server.
At the very least, the variable should be commented in the default ssh_config as
being set to no. The asymmetry is confusing!
How reproducible: Always
Steps to Reproduce:
BTW, to get HostbasedAuthentication (ssh2) working you need a world readable
/etc/ssh/ssh_known_hosts2 file and the above variable set in both ssh_config and
The commented out option is there now.