Who uses UseLogin?

Jakub Jelen jjelen at redhat.com
Tue Aug 16 17:37:55 AEST 2016

On 08/16/2016 05:27 AM, Damien Miller wrote:
> Hi,
> Does anyone set sshd's UseLogin=yes? If so, why?
> I'd like to remove this option - I've not needed it in the last 15 years
> on any platform (making it a very poorly-tested code path) and it breaks
> a few things including post-authentication privilege separation.
> Can anyone speak in its defence?
No. We recently marked this option as deprecated in Fedora (throws a 
warning in the logs) and removing it sounds like a good idea to me (it 
does not even work with SELinux enforcing). I set UseLogin=yes only for 
rare testing purposes.


Jakub Jelen
Security Technologies
Red Hat

More information about the openssh-unix-dev mailing list