sshd as non-root
Ben Lindstrom
mouring at etoh.eviladmin.org
Sun Sep 28 12:32:35 EST 2003
On Sat, 27 Sep 2003, Stephen Samuel wrote:
> I'm trying to get sshd to the point where it can run as non-root.
> I think that this is quite doable if using rsa-key authentication
> So far, I've run into and fixed the proben that chgroups only works
> if you're root and I've added a ModulusFile option to sshd_config
> (not necessary, but nice).
>
> Now I've run into the fact that the system attempts to do PAM
> authentication, even though you're root. Are there any other
> problems I'm likely to run into? Has this already been fixed
> somewhere?
>
The solution is NOT to use pam.
Plus it is not going to be universally possible to support sshd as
non-root since some systems require root for assigning TTYs.
Depending on the changes we may consider them, but honestly =) don't keep
your hopes up about integration.
- Ben
More information about the openssh-unix-dev
mailing list