After a quick (<30 sec) trip to the man page, voila!

To use non-privileged ports, add to /etc/config or ~/.ssh/config:

Host *
    RhostsAuthentication no
    RhostsRSAAuthentication no
    UsePrivilegedPort no

This disables attempting rhosts-style authentication, which any sane server should reject anyways. Why these are still enabled by default escapes me.

S

     |          |         Stephen Sprunk, K5SSS, CCIE #3723
    :|:        :|:        NSA, Network Consulting Engineer
   :|||:      :|||:       14875 Landmark Blvd #400; Dallas, TX
.:|||||||:..:|||||||:.    Pager: 800-365-4578 / 800-901-6078
 C I S C O S Y S T E M S  Email: ssprunk@cisco.com

----- Original Message -----
From: adrian@creative.net.au
To: nanog@merit.edu
Sent: Friday, February 11, 2000 13:07
Subject: Re: Cisco says attacks are due to operational practices

It's not a bug, it's a leftover from rsh days - if the connection originates from a port below 1024, you could assume *cough* that the credentials the connection supplies are authentic, since the process needs to be root to bind to ports < 1024.

This isn't a "but that's flawed!" discussion seed, take that to bugtraq.

There's a flag to ssh somewhere to stop it doing that.

Yup, -P.

Adrian
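
An added example, not part of the original thread: a small check that resolves the three client options from the reply for a given host, using ssh_config's rule that the first value obtained for a keyword wins, so a `Host *` block placed after a more specific block does not override it. The function names and the sample hosts are assumptions made for illustration; `Match` blocks and case-insensitive host matching are not handled.

```python
# Added illustration with hypothetical helper names; this is not OpenSSH code.
import fnmatch

CHECKED = ("rhostsauthentication", "rhostsrsaauthentication", "useprivilegedport")

def host_matches(patterns, host):
    """Host line matching: some positive pattern matches and no '!' pattern does."""
    positive = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            positive = True
    return positive

def effective_options(config_text, host):
    """Return {keyword: value} for CHECKED keywords, first obtained value wins."""
    result = {}
    active = True  # lines before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.replace("=", " ", 1).strip()  # "Key=value" is also accepted
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]  # keywords are case-insensitive
        if key == "host":
            active = host_matches(args, host)
        elif active and key in CHECKED and args:
            result.setdefault(key, args[0].lower())  # later values are ignored
    return result

def still_enabled(config_text, host):
    """Keywords from the post that are not explicitly set to 'no' for this host."""
    opts = effective_options(config_text, host)
    return [k for k in CHECKED if opts.get(k) != "no"]

# Constructed sample config: the earlier, more specific block wins over Host *
SAMPLE = """\
Host legacy.example.net
    UsePrivilegedPort yes
Host *
    RhostsAuthentication no
    RhostsRSAAuthentication no
    UsePrivilegedPort no
"""

if __name__ == "__main__":
    hosts = ("legacy.example.net", "router1.example.net")
    print({h: still_enabled(SAMPLE, h) for h in hosts})
```
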