deprecation of UsePrivilegeSeparation breaks container use cases

Aleksandar Kostadinov akostadinov at
Tue Aug 8 02:39:31 AEST 2017

On Mon, Aug 7, 2017 at 3:17 AM, Darren Tucker <dtucker at> wrote:
> On Mon, Aug 7, 2017 at 5:44 AM, Aleksandar Kostadinov
> ...
> As I said last time this came up:
> Disabling privsep will not be supported.  Running as an unprivileged user is
> supported in the two-process configuration.

Thanks a lot for pointing me at the right direction. I tested with
SSHd 7.5p1 and also with 7.4p1. It works running as unprivileged user
(username `git`) using priv separation! Output reformatted for

-bash-4.3$ cd /proc
-bash-4.3$ cat 1/cmdline
-bash-4.3$ cat 57/cmdline
sshd: git [priv]
-bash-4.3$ cat 60/cmdline
sshd: git at pts/0
-bash-4.3$ cat 61/cmdline


More information about the openssh-unix-dev mailing list