- markus@cvs.openbsd.org 2002/07/03 14:21:05

[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@
author: Ben Lindstrom <mouring@eviladmin.org> 2002-07-04 00:19:40 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2002-07-04 00:19:40 +0000
commit: 5d35a2f5828cfb0a8579228d80e8bec60c8f8c64 (patch)
tree: d166c5fa709b6c87f4d18888cddda02ed95b2f4f /ssh.c
parent: 43ce2c86a89a512e3c9361b40155db8bbef3f441 (diff)
download: openssh-git-5d35a2f5828cfb0a8579228d80e8bec60c8f8c64.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/ssh.c b/ssh.c
index 67d297c0..77e709da 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.180 2002/06/30 21:59:45 deraadt Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.181 2002/07/03 14:21:05 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -649,7 +649,8 @@ again:
 		    _PATH_HOST_RSA_KEY_FILE, "", NULL);
 		PRIV_END;
 
-		if (sensitive_data.keys[0] == NULL &&
+		if (options.hostbased_authentication == 1 &&
+		    sensitive_data.keys[0] == NULL &&
 		    sensitive_data.keys[1] == NULL &&
 		    sensitive_data.keys[2] == NULL) {
 			sensitive_data.keys[1] = key_load_public(
author	Ben Lindstrom <mouring@eviladmin.org>	2002-07-04 00:19:40 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2002-07-04 00:19:40 +0000
commit	5d35a2f5828cfb0a8579228d80e8bec60c8f8c64 (patch)
tree	d166c5fa709b6c87f4d18888cddda02ed95b2f4f /ssh.c
parent	43ce2c86a89a512e3c9361b40155db8bbef3f441 (diff)
download	openssh-git-5d35a2f5828cfb0a8579228d80e8bec60c8f8c64.tar.gz