Configuration keyword "AuthorizedKeyFile" is very useful. If your sshd permits PubkeyAuthentication and you want to that only root user edits all authorized_keys files in the host, you can use "AuthorizedKeyFile" to put the file into system configuration directory. If your sshd permits HostbasedAuthentication and you want to that only root user edits all .shosts/.rhosts files, you will need configuration keyword "ShostsFile".
If you want deny user control of HostbasedAuthentication, then you can enter users in /etc/shosts.equiv and set IgnoreRhosts=yes in sshd_config Does that solve your problem?
Created attachment 1033 [details] this patch appends configuration keyword "ShostsFile" This patch works in my Solaris8 box.
(In reply to comment #1) > If you want deny user control of HostbasedAuthentication, then you can enter > users in /etc/shosts.equiv and set IgnoreRhosts=yes in sshd_config > > Does that solve your problem? > No, hosts.equiv only solves following: foo@localhost -> foo@remotehost But I assume following: foo@localhost -> bar@remotehost