| version 1.6, 1999/11/11 23:36:52 |
version 1.7, 1999/11/14 23:20:09 |
|
|
| extern ServerOptions options; |
extern ServerOptions options; |
| char buf[1024]; |
char buf[1024]; |
| const char *hostname, *ipaddr; |
const char *hostname, *ipaddr; |
| int port; |
|
| struct stat st; |
struct stat st; |
| static const char *rhosts_files[] = { ".shosts", ".rhosts", NULL }; |
static const char *rhosts_files[] = { ".shosts", ".rhosts", NULL }; |
| unsigned int rhosts_file_index; |
unsigned int rhosts_file_index; |
|
|
| /* Get the name, address, and port of the remote host. */ |
/* Get the name, address, and port of the remote host. */ |
| hostname = get_canonical_hostname(); |
hostname = get_canonical_hostname(); |
| ipaddr = get_remote_ipaddr(); |
ipaddr = get_remote_ipaddr(); |
| port = get_remote_port(); |
|
| |
|
| /* Check that the connection comes from a privileged port. |
|
| Rhosts authentication only makes sense for priviledged programs. |
|
| Of course, if the intruder has root access on his local machine, |
|
| he can connect from any port. So do not use .rhosts |
|
| authentication from machines that you do not trust. */ |
|
| if (port >= IPPORT_RESERVED || |
|
| port < IPPORT_RESERVED / 2) |
|
| { |
|
| log("Connection from %.100s from nonpriviledged port %d", |
|
| hostname, port); |
|
| packet_send_debug("Your ssh client is not running as root."); |
|
| return 0; |
|
| } |
|
| |
|
| /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ |
/* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ |
| if (pw->pw_uid != 0) |
if (pw->pw_uid != 0) |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth-rhosts.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh