[Bug 270] PrivSep breaks sshd on AIX for non-root users
Darren Tucker
dtucker at zip.com.au
Mon Jun 10 11:17:29 EST 2002
Ben Lindstrom wrote:
> I'll close this out when bugzilla will accept my login. =) But PrivSep
> can't be ran by a non-root user.
>
> 1. All network code runs a non-prived user.. ALA 'sshd' user.
> 2. chroot() can not be done by a normal user.
>
> - Ben
I think you misunderstood me. With PrivSep enabled, root is the only
account that can log in (assuming "PermitRootLogin yes"). Normal
accounts disconnect immediately after authentication.
-Daz.
root at devaix43> whoami
root
root at devaix43> /usr/local/sbin/sshd -o 'UsePrivilegeSeparation yes'
root at devaix43> ssh -l dtucker localhost
dtucker at localhost's password:
Connection to localhost closed by remote host.
Connection to localhost closed.
root at devaix43> ssh -l root localhost
root at localhost's password:
Last unsuccessful login: Fri May 3 14:06:40 2002 on /dev/tty0
Last login: Mon Jun 10 10:58:09 2002 on ssh from localhost
# exit
Connection to localhost closed.
More information about the openssh-unix-dev
mailing list