From 26efc2f5df0e3bcf6a6bbdd0506fd682d60c2145 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Mon, 16 Jul 2018 11:05:41 +0000
Subject: upstream: Remove support for loading HostBasedAuthentication keys

directly in ssh(1) and always use ssh-keysign.  This removes one of the few
remaining reasons why ssh(1) might be setuid.  ok markus@

OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
---
 sshconnect.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'sshconnect.h')

diff --git a/sshconnect.h b/sshconnect.h
index dd648b09..6bba62ad 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.32 2018/02/10 09:25:35 djm Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.33 2018/07/16 11:05:41 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -28,7 +28,6 @@ typedef struct Sensitive Sensitive;
 struct Sensitive {
 	struct sshkey	**keys;
 	int		nkeys;
-	int		external_keysign;
 };
 
 struct addrinfo;
-- 
cgit v1.2.1