Running sshd with Privilege Seperation drops connection on password change
Jakub Jelen
jjelen at redhat.com
Thu Dec 17 20:36:02 AEDT 2015
On 12/17/2015 12:09 AM, Darren Tucker wrote:
> On Thu, Dec 17, 2015 at 9:34 AM, Nasim, Kam <Kam.Nasim at windriver.com> wrote:
>> Dec 16 22:22:13 knasim-ubuntu1 sshd[8623]: debug1: SELinux support disabled
> I know of no version of OpenSSH supplied by us that has that message,
> so I suspect you are using a modified version.
FYI, it is part of port-linux.c:
https://anongit.mindrot.org/openssh.git/tree/openbsd-compat/port-linux.c#n53
> On changing the password successfully, sshd will drop the connection
and client has to reconnect.
Yes, this is intended behavior and described in the message to user
before prompting for password:
https://anongit.mindrot.org/openssh.git/tree/session.c#n1578
Without privilege separation, there is though some problem that the
connection is NOT dropped, if I remember well, but I consider this as a
low-priority, since it is not advised to use ssh without privilege
separation.
--
Jakub Jelen
Security Technologies
Red Hat
More information about the openssh-unix-dev
mailing list