Retire the mislabeled ENABLE_SUID_SSH knob.

3 files changed, 1 insertions, 11 deletions

diff --git a/secure/libexec/ssh-keysign/Makefile b/secure/libexec/ssh-keysign/Makefile
index 75f1b6c..c5fc688 100644
--- a/secure/libexec/ssh-keysign/Makefile
+++ b/secure/libexec/ssh-keysign/Makefile
@@ -4,9 +4,7 @@ PROG=	ssh-keysign
 SRCS=	ssh-keysign.c readconf.c roaming_dummy.c
 MAN=	ssh-keysign.8
 CFLAGS+=-I${SSHDIR} -include ssh_namespace.h
-.if defined(ENABLE_SUID_SSH)
-BINMODE=4511
-.endif
+BINMODE=4555
 
 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
diff --git a/share/examples/etc/make.conf b/share/examples/etc/make.conf
index 9a74298..1fd3c79 100644
--- a/share/examples/etc/make.conf
+++ b/share/examples/etc/make.conf
@@ -102,9 +102,6 @@
 # Mtree will follow symlinks.
 #MTREE_FOLLOWS_SYMLINKS= -L
 #
-# To enable installing ssh(1) with the setuid bit turned on.
-#ENABLE_SUID_SSH=
-#
 # To enable installing newgrp(1) with the setuid bit turned on.
 # Without the setuid bit, newgrp cannot change users' groups.
 #ENABLE_SUID_NEWGRP=
diff --git a/share/man/man5/make.conf.5 b/share/man/man5/make.conf.5
index f7fad38..4eb5ed5 100644
--- a/share/man/man5/make.conf.5
+++ b/share/man/man5/make.conf.5
@@ -454,11 +454,6 @@ with the set-user-ID bit set.
 Otherwise,
 .Xr newgrp 1
 will not be able to change users' groups.
-.It Va ENABLE_SUID_SSH
-.Pq Vt bool
-Set this to install
-.Xr ssh 1
-with the set-user-ID bit turned on.
 .It Va LOADER_TFTP_SUPPORT
 .Pq Vt bool
 By default the