Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 25 Jun 2002 09:12:23 +0200
From:      patpro <patpro@patpro.net>
To:        Jan Lentfer <Jan.Lentfer@web.de>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: How to check if "UsePrivilegeSeparation" works in OpenSSH?
Message-ID:  <E59ABC95-880A-11D6-919D-0030654D97EC@patpro.net>
In-Reply-To: <1024987600.2078.10.camel@jan-linnb.lan>

next in thread | previous in thread | raw e-mail | index | archive | help

On mardi, juin 25, 2002, at 08:46 , Jan Lentfer wrote:

> Finally I added "UsePrivilegeSeparation yes" to /etc/ssh/sshd_config and
> SIGHUPed sshd. sshd -V no reports version 3.3.
>
> Am I set and done? Is there a way to check if Privilege Seperation
> really works ?


just log in (via ssh of course) and type :

$ ps -aux | grep sshd | grep -v grep

and make sure it gives something like this :

root     178  0.0  1.3  2088 1180  ??  Is  4:40PM  0:00.20 /usr/local/sbin/
sshd
root   61294  0.0  1.8  4868 1656  ??  I   8:21AM  0:00.05 sshd: patpro 
[priv] (sshd)
patpro 61296  0.0  1.9  5000 1744  ??  S   8:21AM  0:00.14 sshd: patpro@ 
ttyp0 (sshd)


first process : regular sshd daemon,
second : spawned root limited process,
third : active process with limited privileges. (spawned from the 2nd 
process if I understand correctly)


patpro


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E59ABC95-880A-11D6-919D-0030654D97EC>