Problems with UsePrivilegeSeparation (was: port fwd as user != root?

Markus Friedl markus at
Wed May 29 16:47:07 EST 2002

On Wed, May 29, 2002 at 11:39:04AM +0800, Mathias Koerber wrote:
> open forwarded ports as the authenticated user. Right now,
> local forwards will be opened on the server as root, which
> makes identd reports useless.

identd is always useless :)

but with privsep, the privileged process does not
touch the network.  the call to bind() will happen
in the 'user' process.


More information about the openssh-unix-dev mailing list