- markus@cvs.openbsd.org 2001/11/08 17:49:53

     [ssh.1]
     mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@

2 files changed, 14 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 85641c48..a9ec3aee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@
    - markus@cvs.openbsd.org 2001/11/08 10:51:08
      [readpass.c]
      don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
+   - markus@cvs.openbsd.org 2001/11/08 17:49:53
+     [ssh.1]
+     mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@
 
 20011109
  - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
@@ -6854,4 +6857,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1648 2001/11/12 00:05:20 djm Exp $
+$Id: ChangeLog,v 1.1649 2001/11/12 00:05:38 djm Exp $
diff --git a/ssh.1 b/ssh.1
index 404f80bd..ad3c9602 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.140 2001/10/30 20:29:09 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.141 2001/11/08 17:49:53 markus Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -1389,6 +1389,15 @@ This file provides defaults for those
 values that are not specified in the user's configuration file, and
 for those users who do not have a configuration file.
 This file must be world-readable.
+.It Pa /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key
+These three files contain the private parts of the host keys
+and are used for
+.Cm RhostsRSAAuthentication
+and
+.Cm HostbasedAuthentication .
+Since they are readable only by root
+.Nm
+must be setuid root if these authentication methods are desired.
 .It Pa $HOME/.rhosts
 This file is used in
 .Pa \&.rhosts