From owner-freebsd-security Fri Jun 28 10:55: 8 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A52937B401 for ; Fri, 28 Jun 2002 10:55:01 -0700 (PDT) Received: from hokkshideh2.jetcafe.org (hokkshideh2.jetcafe.org [205.147.43.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9480443E0F for ; Fri, 28 Jun 2002 10:55:00 -0700 (PDT) (envelope-from dave@jetcafe.org) Received: from hokkshideh2.jetcafe.org (localhost [127.0.0.1]) by hokkshideh2.jetcafe.org (8.11.6/8.11.6) with ESMTP id g5SHt0029997 for ; Fri, 28 Jun 2002 10:55:00 -0700 (PDT) (envelope-from dave@hokkshideh2.jetcafe.org) Message-Id: <200206281755.g5SHt0029997@hokkshideh2.jetcafe.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: freebsd-security@freebsd.org Subject: Possible caveat to UsePrivSep on openssh port Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 28 Jun 2002 10:54:55 -0700 From: Dave Hayes Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message only applies to people installing openssh using the /usr/ports/security/openssh port. One thing I've noticed is that a couple random machines needed to have host.conf and resolv.conf installed into ${EMPTYDIR}/etc, otherwise they would hang attempting to do a reverse lookup. You might check this if your ssh is extremely slow to connect. ------ Dave Hayes - Consultant - Altadena CA, USA - dave@jetcafe.org >>> The opinions expressed above are entirely my own <<< "There is someone willing to argue about any point." --I don't know, but I'll argue any attribution To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message