[Bug 270] PrivSep breaks sshd on AIX for non-root users
Ben Lindstrom
mouring at etoh.eviladmin.org
Thu Jun 13 03:03:02 EST 2002
ermm.. Yes, I did misread it.. You using -cvs current or 3.2.3?
And does it seem related to:
http://bugzilla.mindrot.org/show_bug.cgi?id=245
- Ben
On Mon, 10 Jun 2002, Darren Tucker wrote:
> Ben Lindstrom wrote:
> > I'll close this out when bugzilla will accept my login. =) But PrivSep
> > can't be ran by a non-root user.
> >
> > 1. All network code runs a non-prived user.. ALA 'sshd' user.
> > 2. chroot() can not be done by a normal user.
> >
> > - Ben
>
> I think you misunderstood me. With PrivSep enabled, root is the only
> account that can log in (assuming "PermitRootLogin yes"). Normal
> accounts disconnect immediately after authentication.
>
> -Daz.
>
> root at devaix43> whoami
> root
> root at devaix43> /usr/local/sbin/sshd -o 'UsePrivilegeSeparation yes'
> root at devaix43> ssh -l dtucker localhost
> dtucker at localhost's password:
> Connection to localhost closed by remote host.
> Connection to localhost closed.
>
> root at devaix43> ssh -l root localhost
> root at localhost's password:
> Last unsuccessful login: Fri May 3 14:06:40 2002 on /dev/tty0
> Last login: Mon Jun 10 10:58:09 2002 on ssh from localhost
>
> # exit
> Connection to localhost closed.
>
More information about the openssh-unix-dev
mailing list