Problems with UsePrivilegeSeparation (was: port fwd as user != root?)
Mathias Koerber
mathias at koerber.org
Tue May 28 13:55:26 EST 2002
I just upgraded to OpenSSH 3.2.3p1 as it seemed that
UsePrivilegeSeparation yes
might help with my problem (connections forwarded
are owned by root instead of the user I logged in as
on the server), but instead, sshd barfs on receiving
a connection. Without UsePrivilegeSeparation
the server works fine.
# strace -o /tmp/sshd.str sshd -d
debug1: sshd version OpenSSH_3.2.3p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 202.42.176.138 port 2483
debug1: Client protocol version 2.0; client software version 3.3.1 SecureCRT
debug1: no match: 3.3.1 SecureCRT
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.2.3p1
mmap(65536)
debug1: Calling cleanup 0x806a470(0x0)
root at matjes:/usr/local/etc
Here is the tail of the strace:
write(2, "debug1: Client protocol version "..., 78) = 78
write(2, "debug1: no match: 3.3.1 SecureCR"..., 35) = 35
write(2, "Enabling compatibility mode for "..., 46) = 46
write(2, "debug1: Local version string SSH"..., 55) = 55
fcntl(5, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
socketpair(PF_UNIX, SOCK_STREAM, , 0, [4, 8]) = 0
fcntl(4, F_SETFD, FD_CLOEXEC) = 0
fcntl(8, F_SETFD, FD_CLOEXEC) = 0
mmap(0, 65536, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS, -1, 0) = -1 EINVAL (Invalid argument)
write(2, "mmap(65536)\r\n", 13) = 13
write(2, "debug1: Calling cleanup 0x806a47"..., 40) = 40
shutdown(5, 2 /* send and receive */) = 0
close(5) = 0
_exit(255) = ?
The kernel is a somewhat older Linux 2.2.13.
regards
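
The strace above shows sshd exiting right after mmap(0, 65536, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS, -1, 0) returns EINVAL. The probe below is an added example, not part of the original post and not OpenSSH code; it repeats that call on the running kernel and checks that the mapping is really shared across fork(). The function name probe_shared_anon_mmap is hypothetical.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 0 if an anonymous shared mapping of `len` bytes can be created
 * and a write made by a forked child is visible to the parent; returns the
 * errno from mmap() if the call itself fails (EINVAL in the trace above);
 * returns -1 if the mapping is not shared across fork (or fork fails). */
int probe_shared_anon_mmap(size_t len)
{
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                            MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return errno;

    int result = -1;
    p[0] = 0;
    pid_t pid = fork();
    if (pid == 0) {            /* child: write a marker and exit */
        p[0] = 0xA5;
        _exit(0);
    }
    if (pid > 0) {             /* parent: wait, then look for the marker */
        int status;
        if (waitpid(pid, &status, 0) == pid && p[0] == 0xA5)
            result = 0;
    }
    munmap(p, len);
    return result;
}

int main(void)
{
    int rc = probe_shared_anon_mmap(65536);   /* same length as in the trace */
    if (rc == 0)
        puts("anonymous shared mmap works");
    else if (rc > 0)
        printf("mmap failed: %s\n", strerror(rc));
    else
        puts("mapping created but not shared across fork");
    return rc != 0;
}
```

A non-zero exit status means the kernel rejected the mapping or did not share it, which matches the condition captured in the trace.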