Re: ssh difference v3.3 vs. 3.4 ???
Lo, on Wednesday, June 26, Colin Watson did write:
> On Wed, Jun 26, 2002 at 05:25:16PM -0500, Richard Cobbe wrote:
> > Lo, on Wednesday, June 26, Colin Watson did write:
> > > If you're running 3.3 with privilege separation enabled (as it is by
> > > default), most remote root exploits become remote exploits of the sshd
> > > user, which is considerably less serious.
> >
> > So, I'm running ssh 3.3 as packaged for woody. I don't have
> > UserPrivilegeSeparation turned off in any config files, but I still see
> > the following:
> >
> > [nanny-ogg:~]$ ps aux | grep [s]shd
> > root 268 0.0 0.2 2788 716 ? S 06:19 0:00 /usr/sbin/sshd
> >
> > sshd is still running as root. Is this what I should be seeing?
>
> Yes, the parent process continues to run as root. If you ssh to a box
> running 3.3 and leave the connection at the password prompt, you'll see
> a process running as the sshd user until the authentication is
> completed.
Ah. Since I use public-key authentication almost exclusively, that
would explain why I never saw the sshd user.
Thanks,
Richard
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: