multiuser sshd as non-root

ramon.garcia.f at gmail.com ramon.garcia.f at gmail.com
Wed Feb 5 02:59:08 AEDT 2020


CAP_SETUID and CAP_SETGID is being root in practice: any arbitrary action is possible.

I think you are taking the wrong pathEl 5 ago. 2019 12:16, Adam Endrodi <endrodi at nokia.com> escribió:
>
>
> Dear knowledgeable people, 
>
>
> I'm running sshd 6.6.1p1 on RHEL 7.1.  I've got a security requirement 
> to run it as an ordinary user, let's say test-x, instead of root. 
> It works well if I try to log in as test-x user with public key auth. 
>
> Unfortunately I need sshd to serve other users as well.  In order to 
> let sshd switch uids I've set the CAP_SETUID and CAP_SETGID capabilities 
> on the sshd binary.  But it didn't work out, when I try to log in as 
> another user, say test-y, sshd says: 
>
> Failed to set uids to 1009. 
>
> Disabling privsep didn't help.  From strace I didn't even see any attempt 
> to setuid() to test-y, so I think (but haven't verified) that when running 
> as non-root, sshd doesn't even try to change uids. 
>
> My question is, do you think such a use case (running multiuser sshd as 
> non-root) is possible theoretically, or can it be implemented with a 
> small patch? 
>
> (Let's not discuss whether the use case makes sense, the requirement for 
> me is a given.) 
>
> -- 
> How I need a drink, alcoholic in nature, after the tough chapters 
> involving quantum mechanics! 
> _______________________________________________ 
> openssh-unix-dev mailing list 
> openssh-unix-dev at mindrot.org 
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev 


More information about the openssh-unix-dev mailing list