Date: 25 Jun 2002 09:58:01 +0200 From: Jan Lentfer <Jan.Lentfer@web.de> To: FreeBSD Security Maillinglist <freebsd-security@FreeBSD.ORG> Subject: Re: Workarounds for OpenSSH problems Message-ID: <1024991881.2078.27.camel@jan-linnb.lan> In-Reply-To: <957C6FD8-8804-11D6-919D-0030654D97EC@patpro.net> References: <957C6FD8-8804-11D6-919D-0030654D97EC@patpro.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am Die, 2002-06-25 um 08.27 schrieb patpro: > On mardi, juin 25, 2002, at 08:02 , Andrew McNaughton wrote: > > > I've installed it. It griped and wouldn't start without `mkdir > > /var/empty`. Having added that it's running, but it hasn't griped about > > the lack of an 'sshd' user/group. I added them anyway. I don't see any > > sign of an sshd process running as anything other than root though. > > Compression is enabled when I connect, but I'm not sure that the privilege > > separation is actually working. > If you read the README.privsep in the source directory (found in /usr/ports/ > distfiles/openssh-3.3p1.tar.gz if you upgraded using ports) and follow the > instruction. [..] On the 2 machines I updated to ssh-portable sshd started without /var/empty being existing. It didn't complain and seemed to be working. But as far as I understand right now /var/empty is needed for chroot, right? So, maybe it is running but it's not running secure (coz not chrooted)? Regards, Jan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1024991881.2078.27.camel>