OpenSSH 3.3 released [be careful of not having sshd useror /var/empty]
Wendy Palm
wendyp at cray.com
Wed Jun 26 00:37:41 EST 2002
is the user "sshd" and /var/empty still needed even without privsep?
Damien Mascord wrote:
>
> Heya,
>
> Probably something to note in the release notes for 3.3:
>
> 1) A user sshd needs to exist before you do a /etc/init.d/sshd restart, ssh
> will not restart
> 2) A directory /var/empty needs to exists before you restart sshd,
> otherwise sshd will not restart.
>
> Probably even a good idea to put it in the make install section, something like
> echo **********************************************************
> echo * WARNING, sshd user does not exist *
> echo * WARNING, /var/empty directory does not exist *
> echo * sshd will not restart *
> echo *********************************************************
>
> Just an idea :) Glad I enabled telnet temporarily to restart sshd this time :)
>
> Damien
>
> At 09:50 PM 21/06/2002 +0200, you wrote:
> >OpenSSH 3.3 has just been released. It will be available from the
> >mirrors listed at http://www.openssh.com/ shortly.
> >
> >OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
> >implementation and includes sftp client and server support.
> >
> >We would like to thank the OpenSSH community for their continued
> >support and encouragement.
> >
> >
> >Changes since OpenSSH 3.2.3:
> >============================
> >
> >Security Changes:
> >=================
> >
> >- improved support for privilege separation:
> >
> > privilege separation is now enabled by default
> >
> > See UsePrivilegeSeparation in sshd_config(5)
> > and http://www.citi.umich.edu/u/provos/ssh/privsep.html for more
> > information.
> >- ssh no longer needs to be installed setuid root for protocol
> > version 2 hostbased authentication, see ssh-keysign(8).
> > protocol version 1 rhosts-rsa authentication still requires privileges
> > and is not recommended.
> >
> >Other Changes:
> >==============
> >
> >- documentation for the client and server configuration options have
> > been moved to ssh_config(5) and sshd_config(5).
> >- the server now supports the Compression option, see sshd_config(5).
> >- the client options RhostsRSAAuthentication and RhostsAuthentication now
> > default to no, see ssh_config(5).
> >- the client options FallBackToRsh and UseRsh are deprecated.
> >- ssh-agent now supports locking and timeouts for keys, see ssh-add(1).
> >- ssh-agent can now bind to unix-domain sockets given on the command line,
> > see ssh-agent(1).
> >- fixes problems with valid RSA signatures from putty clients.
> >
> >Reporting Bugs:
> >===============
> >
> >- please read http://www.openssh.com/report.html
> > and http://bugzilla.mindrot.org/
> >
> >OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
> >Kevin Steves, Damien Miller and Ben Lindstrom.
> >_______________________________________________
> >openssh-unix-dev at mindrot.org mailing list
> >http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
--
wendy palm
Cray OS Sustaining Engineering, Cray Inc.
wendyp at cray.com, 651-605-9154
More information about the openssh-unix-dev
mailing list