[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh sshd user vs. group ???

On Wed, Jul 03, 2002 at 12:17:20AM -0500, Michael D. Schleif wrote:
> Derrick 'dman' Hudson wrote:
> > On Tue, Jul 02, 2002 at 11:07:57PM -0500, Michael D. Schleif wrote:
> > | According to the docs, supposing that I were to compile this by hand, I
> > | would need to create *both* an sshd user and an sshd group.
> > |
> > | Installing via apt-get, the sshd user is added; but, there is *NO* sshd
> > | group!
[...]
> ``When privsep is enabled, during the pre-authentication phase sshd will
> chroot(2) to "/var/empty" and change its privileges to the "sshd" user
> and its primary group.

"Its primary group" doesn't have to be called sshd. There's no
particular reason to create a separate group.

> The apt-get install process created that same sshd user; but, there is
> *NO* /home/sshd directory.

There's no reason why you should think from the documentation that
/home/sshd needs to exist either.

The Debian package is configured slightly differently from that
/var/empty recommendation in order to follow policy better. It uses
/var/run/sshd instead. Other than that there's no difference from the
documentation.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: