From owner-freebsd-questions Thu Jun 27 4:23: 2 2002 Delivered-To: freebsd-questions@freebsd.org Received: from router.darlow.co.uk (pc2-bigg2-0-cust101.ltn.cable.ntl.com [213.107.35.101]) by hub.freebsd.org (Postfix) with ESMTP id 2279437B419 for ; Thu, 27 Jun 2002 04:22:51 -0700 (PDT) Received: from there (IDENT:1000@ideal.darlow.co.uk [192.168.0.2]) by router.darlow.co.uk (8.12.3/8.12.3) with SMTP id g5RBMnIX007381 for ; Thu, 27 Jun 2002 12:22:50 +0100 (BST) (envelope-from neil@darlow.co.uk) Message-Id: <200206271122.g5RBMnIX007381@router.darlow.co.uk> Content-Type: text/plain; charset="iso-8859-1" From: Neil Darlow To: freebsd-questions@freebsd.org Subject: RE: Can't use Privsep in OpenSSH 3.4p1 Date: Thu, 27 Jun 2002 12:22:48 +0100 X-Mailer: KMail [version 1.3.2] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 06/27/2002 at 01:04:09, greentank.org said: > I verified that the sshd user exists and the /var/empty dir was created by > the port with teh right permissions. Anyone have any thoughts? Using privilege separation for a SSH login as root is a bit senseless, I think. What's the point of spawing a non-privileged sshd process that will run as root? I'm using openssh-3.4p1 on FreeBSD-4.6 (with openssl-0.9.6d installed) for normal user logins and privilege separation works fine. I'd suggest trying as a non-root user and then using su to gain root privileges. Regards, Neil Darlow M.Sc. -- 1024D/531F9048 1999-09-11 Neil Darlow GPG Fingerprint = 359D B8FF 6273 6C32 BEAA 43F9 E579 E24A 531F 9048 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message