Date: Sat, 11 Mar 2006 02:36:15 +0200 (EET)
From: Dmitry Pryanishnikov
To: Michael Proto
Cc: freebsd-stable@freebsd.org
Subject: Re: RELENG_4 on flash disk and swap

Hello!

On Fri, 10 Mar 2006, Michael Proto wrote:
>> dmitry@test$ ps axu |grep ssh
>> root 20213 0.0 1.3 54724 3356 ?? Is 4:00PM 0:00.10 sshd: dmitry [priv]
>> dmitry 20216 0.0 1.3 54724 3356 ?? I 4:00PM 0:00.03 sshd: dmitry@tty
>> root 20229 0.0 1.3 54724 3356 ?? Ss 4:00PM 0:00.10 sshd: dmitry [priv]
>> dmitry 20232 0.0 1.3 54724 3356 ?? S 4:00PM 0:00.03 sshd: dmitry@tty
>>
>> It's the result of 2 incoming OpenSSH sessions: 2 processes per session,
>
> You're correct, I could have sworn that sshd ran as the sshd user with the
> (somewhat) new privsep settings but it appears that I'm mistaken. My only

One of OpenSSH's sshd processes actually runs under the 'sshd' user, but only
during the authentication phase. That's how it looks at this point in an
up-to-date 6.1-PRERELEASE:

root 953 1.5 0.5 4420 2616 ?? Ss 2:11AM 0:00.04 sshd: dmitry [priv] (sshd)
root 637 0.0 0.5 2880 2332 ?? Ss 2:05AM 0:00.00 /usr/sbin/sshd
sshd 954 0.0 0.5 4284 2464 ?? S 2:11AM 0:00.02 sshd: dmitry [net] (sshd)
root 959 0.0 0.5 4424 2620 ?? S 2:11AM 0:00.00 sshd: dmitry [pam] (sshd)

(pid=637 is the main dispatcher process). 3 processes per connection, 2 of
them running as root! Looks like an ideal model for DoSers ;) I still prefer
good old SSH.COM's sshd: a single (although root's) and slimmer (VSZ-wise)
process per connection:

root 574 0.0 0.4 2556 1948 ?? Ss 2:16AM 0:00.02 /usr/local/sbin/sshd2 -p 22
root 2033 0.0 0.4 2704 2156 ?? S 2:29AM 0:00.08 /usr/local/sbin/sshd2 -p 22

(again, pid=574 is the dispatcher).

Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE
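
An added example, not part of the original message: a small audit script that takes `ps axu` output like the listings above and reports, per login name, how many per-connection sshd processes exist, how many of them are owned by root, and their combined VSZ. The function names and the "user" label for untagged children are assumptions made here; grouping is by login name, so concurrent sessions of one account are counted together.

```python
import re
from collections import defaultdict

# Constructed sample: the 6.1-PRERELEASE `ps axu` lines quoted in the message.
SAMPLE = """\
root  953  1.5  0.5  4420  2616  ??  Ss  2:11AM  0:00.04 sshd: dmitry [priv] (sshd)
root  637  0.0  0.5  2880  2332  ??  Ss  2:05AM  0:00.00 /usr/sbin/sshd
sshd  954  0.0  0.5  4284  2464  ??  S   2:11AM  0:00.02 sshd: dmitry [net] (sshd)
root  959  0.0  0.5  4424  2620  ??  S   2:11AM  0:00.00 sshd: dmitry [pam] (sshd)
"""

# Per-connection children carry a title "sshd: <login>[@tty] [<role>]";
# the listener (/usr/sbin/sshd) has no such title and is skipped.
TITLE = re.compile(r"^sshd: (?P<login>[^\s@]+)(?:@\S+)?(?: \[(?P<role>\w+)\])?")


def parse(ps_text):
    """Return one dict per per-connection sshd process in `ps axu` output."""
    rows = []
    for line in ps_text.splitlines():
        fields = line.split(None, 10)  # 10 columns, then the full command
        if len(fields) < 11 or not fields[1].isdigit():
            continue  # header line or truncated row
        match = TITLE.match(fields[10])
        if match:
            rows.append({
                "owner": fields[0],
                "pid": int(fields[1]),
                "vsz_kb": int(fields[4]),
                "login": match.group("login"),
                # "user" is a label chosen here for children with no [role] tag
                "role": match.group("role") or "user",
            })
    return rows


def summarize(rows):
    """Per login name: process count, root-owned count, total VSZ, roles seen."""
    out = defaultdict(lambda: {"procs": 0, "root": 0, "vsz_kb": 0, "roles": []})
    for row in rows:
        entry = out[row["login"]]
        entry["procs"] += 1
        entry["root"] += row["owner"] == "root"
        entry["vsz_kb"] += row["vsz_kb"]
        entry["roles"].append(row["role"])
    return {login: dict(e, roles=sorted(e["roles"])) for login, e in out.items()}


if __name__ == "__main__":
    for login, stats in summarize(parse(SAMPLE)).items():
        print(login, stats)
```

The sshd2 lines from the message are not matched, because those processes show only the daemon's command line and no per-session title.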