sshd as non-root

Ben Lindstrom mouring at etoh.eviladmin.org
Sun Sep 28 12:32:35 EST 2003



On Sat, 27 Sep 2003, Stephen Samuel wrote:

> I'm trying to get sshd to the point where it can run as non-root.
> I think that this is quite doable if using rsa-key authentication
> So far, I've run into and fixed the proben that chgroups only works
> if you're root and I've added a ModulusFile option to sshd_config
> (not necessary, but nice).
>
> Now I've run into the fact that the system attempts to do PAM
> authentication, even though you're root.  Are there any other
> problems I'm likely to run into?  Has this already been fixed
> somewhere?
>

The solution is NOT to use pam.

Plus it is not going to be universally possible to support sshd as
non-root since some systems require root for assigning TTYs.

Depending on the changes we may consider them, but honestly =) don't keep
your hopes up about integration.

- Ben




More information about the openssh-unix-dev mailing list