Bug 72298 - RhostsRSAAuthentication requires SUID bit on /usr/bin/ssh set
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: openssh
Version: 8.0
Hardware: i386
OS: Linux
medium
low
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Brian Brock
Reported: 2002-08-22 20:04 UTC by Marc Schmitt
Modified: 2007-04-18 16:45 UTC (History)
Doc Type: Bug Fix
Last Closed: 2005-02-04 10:07:40 UTC

Description Marc Schmitt 2002-08-22 20:04:28 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.0.0-10; Linux)

Description of problem:
I updated under RH 7.1 from openssh-3.1p1-5 to openssh-3.4p1-2 (by rebuilding the SRPM).
hosts.equiv-based RhostsRSAAuthentication would not work anymore, although it was running flawlessly under 3.1p1-5.
It looks like the missing SUID bit on /usr/bin/ssh is the reason. This bit was set on earlier versions of openssh packed by RH.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. ssh <host in /etc/hosts.equiv>
 

Actual Results:
[root@xibalba101 /root]# ls -la /usr/bin/ssh
-rwxr-xr-x    1 root     root       234440 Aug 22 18:00 /usr/bin/ssh

bash-2.04$ ssh -v xibalba164
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /home/schmitt/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to xibalba164 [192.168.47.164] port 22.
debug1: Connection established.
debug1: identity file /home/schmitt/.ssh/identity type -1
debug1: identity file /home/schmitt/.ssh/id_rsa type -1
debug1: identity file /home/schmitt/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'xibalba164' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:131
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
schmitt@xibalba164's password:


Expected Results:
bash-2.04$ ssh -v xibalba164
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /home/schmitt/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to xibalba164 [192.168.47.164] port 22.
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/schmitt/.ssh/identity type -1
debug1: identity file /home/schmitt/.ssh/id_rsa type -1
debug1: identity file /home/schmitt/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'xibalba164' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:131
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug1: Remote: Accepted for xibalba101.ethz.ch [192.168.47.101] by /etc/hosts.equiv.
debug1: Received RSA challenge for host key from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: Rhosts with RSA host authentication accepted.
debug1: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.
debug1: Requesting pty.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: fd 3 setting TCP_NODELAY
debug1: Requesting shell.
debug1: Entering interactive session.
Last login: Thu Aug 22 21:57:17 2002 from xibalba101.ethz.ch
bash-2.04$

Additional info:

All I did between the Actual Results and Expected Results was:

chmod 4755 /usr/bin/ssh

Comment 1 Tomas Mraz 2005-02-04 10:07:40 UTC
We don't support Rhosts based authentication by default.
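
Added example, not part of the original report or of OpenSSH: a shell audit of the three things the report's working setup depends on, namely the setuid bit that chmod 4755 puts on the ssh client, RhostsRSAAuthentication being enabled in the client configuration, and trust entries in hosts.equiv. The function names and the FINDING output format are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the bug report: audit a host for the pieces the
# report's working setup depends on. Paths are arguments so the check can
# be pointed at a scratch directory instead of the live system.

# Succeeds if OPTION is "yes" on any uncommented line of CONFIG. Accepts
# "Option yes" and "Option=yes"; Host/Match scoping is not evaluated.
option_enabled() {
    awk -v opt="$2" '
        { sub(/#.*/, ""); gsub(/=/, " ") }
        tolower($1) == tolower(opt) && tolower($2) == "yes" { hit = 1 }
        END { exit !hit }
    ' "$1" 2>/dev/null
}

# Prints "<entries> <wildcards>" for a hosts.equiv-style file; a "+" entry
# trusts every host. A missing or unreadable file counts as "0 0".
equiv_entries() {
    [ -r "$1" ] || { echo "0 0"; return 0; }
    awk '
        { sub(/#.*/, "") }
        NF == 0 { next }
        { n++ }
        $1 == "+" { w++ }
        END { print n + 0, w + 0 }
    ' "$1"
}

# Prints one FINDING line per issue and nothing on a clean host.
audit_rhosts_rsa() {
    ssh_bin=$1; ssh_cfg=$2; equiv=$3
    if [ -u "$ssh_bin" ]; then
        echo "FINDING: $ssh_bin has the setuid bit set"
    fi
    if option_enabled "$ssh_cfg" RhostsRSAAuthentication; then
        echo "FINDING: RhostsRSAAuthentication is enabled in $ssh_cfg"
    fi
    counts=$(equiv_entries "$equiv")
    if [ "${counts% *}" -gt 0 ]; then
        echo "FINDING: $equiv trusts ${counts% *} entries (${counts#* } wildcard)"
    fi
    return 0
}

# Defaults are the paths that appear in the report.
audit_rhosts_rsa "${1:-/usr/bin/ssh}" "${2:-/etc/ssh/ssh_config}" \
    "${3:-/etc/hosts.equiv}"
```
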


