From owner-freebsd-current Sat Apr 13 3:46:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122]) by hub.freebsd.org (Postfix) with ESMTP id 9576837B405 for ; Sat, 13 Apr 2002 03:46:06 -0700 (PDT) Received: from pool0023.cvx22-bradley.dialup.earthlink.net ([209.179.198.23] helo=mindspring.com) by pintail.mail.pas.earthlink.net with esmtp (Exim 3.33 #1) id 16wL2h-0004vy-00; Sat, 13 Apr 2002 03:46:04 -0700 Message-ID: <3CB80C4F.B37B1C37@mindspring.com> Date: Sat, 13 Apr 2002 03:45:35 -0700 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Rasmus Skaarup Cc: freebsd-current@freebsd.org Subject: Re: pam_unix.so error and lock order reversal References: <20020413122015.L15130-100000@skaarup.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Rasmus Skaarup wrote: > 2) When logged in as root, and su'd to a non-root user, I cannot ssh to a > 4.5-STABLE machine.. It just hangs. But when logged in as non-root, it > works fine. Is this somekind of security feature? :-) Pretty much. The user it attempts to log you in as is still "root", because that's still your identity, even if it's not your current credential. But your current credential does not have access to the files for the remote system which are necessary for your identity (~root/.ssh). Ideally, identity would be handled by a "session manager", which was created at login time, which would maintain its priviledges to these resources. You might want to try using "su -" instead of "su", in order to actually *become* the other person. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message