diff options
author | des <des@FreeBSD.org> | 2002-06-29 11:34:13 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2002-06-29 11:34:13 +0000 |
commit | 1ba793a7c09e24d920de3983a3223770cb37ebff (patch) | |
tree | 8238d8d0755b8c75c2f77d82c8f96d4360c7ee11 /crypto/openssh/README.privsep | |
parent | bb02848f18878bddada7a9f55b110116f63c2f3c (diff) | |
download | FreeBSD-src-1ba793a7c09e24d920de3983a3223770cb37ebff.zip FreeBSD-src-1ba793a7c09e24d920de3983a3223770cb37ebff.tar.gz |
Vendor import of OpenSSH 3.4p1.
Diffstat (limited to 'crypto/openssh/README.privsep')
-rw-r--r-- | crypto/openssh/README.privsep | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/crypto/openssh/README.privsep b/crypto/openssh/README.privsep index 6c798f3..ced943f 100644 --- a/crypto/openssh/README.privsep +++ b/crypto/openssh/README.privsep @@ -12,19 +12,20 @@ On systems which lack mmap or anonymous (MAP_ANON) memory mapping, compression must be disabled in order for privilege separation to function. -When privsep is enabled, the pre-authentication sshd process will +When privsep is enabled, during the pre-authentication phase sshd will chroot(2) to "/var/empty" and change its privileges to the "sshd" user -and its primary group. You should do something like the following to -prepare the privsep preauth environment: +and its primary group. sshd is a pseudo-account that should not be +used by other daemons, and must be locked and should contain a +"nologin" or invalid shell. + +You should do something like the following to prepare the privsep +preauth environment: # mkdir /var/empty # chown root:sys /var/empty # chmod 755 /var/empty # groupadd sshd - # useradd -g sshd sshd - -If you are on UnixWare 7 or OpenUNIX 8 do this additional step. - # ln /usr/lib/.ns.so /usr/lib/ns.so.1 + # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd /var/empty should not contain any files. @@ -34,8 +35,8 @@ privsep user and chroot directory: --with-privsep-path=xxx Path for privilege separation chroot --with-privsep-user=user Specify non-privileged user for privilege separation -Privsep requires operating system support for file descriptor passing -and mmap(MAP_ANON). +Privsep requires operating system support for file descriptor passing. +Compression will be disabled on systems without a working mmap MAP_ANON. PAM-enabled OpenSSH is known to function with privsep on Linux. It does not function on HP-UX with a trusted system @@ -57,4 +58,4 @@ process 1005 is the sshd process listening for new connections. process 6917 is the privileged monitor process, 6919 is the user owned sshd process and 6921 is the shell process. -$Id: README.privsep,v 1.7 2002/06/21 14:48:02 djm Exp $ +$Id: README.privsep,v 1.10 2002/06/26 00:43:57 stevesk Exp $ |