diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 00:19:40 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 00:19:40 +0000 |
commit | 5d35a2f5828cfb0a8579228d80e8bec60c8f8c64 (patch) | |
tree | d166c5fa709b6c87f4d18888cddda02ed95b2f4f /ssh.c | |
parent | 43ce2c86a89a512e3c9361b40155db8bbef3f441 (diff) | |
download | openssh-git-5d35a2f5828cfb0a8579228d80e8bec60c8f8c64.tar.gz |
- markus@cvs.openbsd.org 2002/07/03 14:21:05
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
re-enable ssh-keysign's sbit, but make ssh-keysign read
/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
globally. based on discussions with deraadt, itojun and sommerfeld;
ok itojun@
Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.180 2002/06/30 21:59:45 deraadt Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.181 2002/07/03 14:21:05 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -649,7 +649,8 @@ again: _PATH_HOST_RSA_KEY_FILE, "", NULL); PRIV_END; - if (sensitive_data.keys[0] == NULL && + if (options.hostbased_authentication == 1 && + sensitive_data.keys[0] == NULL && sensitive_data.keys[1] == NULL && sensitive_data.keys[2] == NULL) { sensitive_data.keys[1] = key_load_public( |