A question about OpenSSH_3.4p1 on Solaris 8

Ben Lindstrom mouring at etoh.eviladmin.org
Fri Oct 25 02:02:58 EST 2002


This is the correct behavior.  This is what privilege seperation does

After you login it splits into to sections.. the 'user owned' part which
drops all root privs and which does 99% of the work, and a root privs part
that only does SELECTIVE things that require root to do them.

- Ben

On Thu, 24 Oct 2002, Roger Wang wrote:

> Hi, I'm doing test with OpenSSH. The question I have
> is when I issue "ssh -l test1 localhost", there are
> two additional "sshd" daemons spawned - there should
> be only one. I don't know why. Appreciate if anybody
> can give me some clue. Please make sure to include my
> address since I'm not in the list yet. Thanks in
> advance.
>
> Below is the procedure:
>
> $ ps -ef | grep sshd
>     root  4953     1  0 10:04:32 ?        0:00
> /usr/local/sbin/sshd
>   wroger  5088  4751  0 10:29:21 pts/2    0:00 grep
> sshd
> $
> $
> $ ssh -l test1 192.168.182.184
> test1 at 192.168.182.184's password:
> Last login: Thu Oct 24 10:32:32 2002 from unknown
> Sun Microsystems Inc.   SunOS 5.8       Generic Patch
>  October 2001
> $ ps -ef | grep sshd
>    test1  5198  5196  0 10:32:47 ?        0:00
> /usr/local/sbin/sshd
>     root  4953     1  0 10:04:32 ?        0:00
> /usr/local/sbin/sshd
>     root  5196  4953  1 10:32:43 ?        0:00
> /usr/local/sbin/sshd
> $
> $ ps -ef | grep ssh
>    test1  5198  5196  0 10:32:47 ?        0:00
> /usr/local/sbin/sshd
>     root  4953     1  0 10:04:32 ?        0:00
> /usr/local/sbin/sshd
>   wroger  5166  4751  0 10:32:42 pts/2    0:01 ssh -l
> test1 192.168.182.184
>     root  5196  4953  0 10:32:43 ?        0:00
> /usr/local/sbin/sshd
> $
>
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Y! Web Hosting - Let the expert host your web site
> http://webhosting.yahoo.com/
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>




More information about the openssh-unix-dev mailing list