[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: privsep checking

To: Ted U <grendel@heorot.stanford.edu>
Subject: Re: privsep checking
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Mon, 24 Jun 2002 20:04:26 -0600
Cc: misc@openbsd.org

> Is there some method to verify that sshd is running in privsep mode?

Do a non-root ssh to the machine in question.

On the machine in question, see if ps shows two entries for that connection:

Like this:

deraadt   4676  0.0  0.0   400  1040 ??  I     Thu10PM    0:00.01 sshd: deraadt@ttyp0 (sshd)
root      9269  0.0  0.0   396  1228 ??  Is    Thu10PM    0:00.03 sshd: deraadt [priv] (sshd)


See the [priv]?

That's your sign.

Follow-Ups:
- Re: privsep checking
  - From: Jim Simmons <simmonsjw-openbsd@sws6.ornl.gov>
- Re: privsep checking..oops
  - From: Lars Hansson <lars@unet.net.ph>
- Re: privsep checking
  - From: Lars Hansson <lars@unet.net.ph>
- Re: privsep checking
  - From: "Kevin" <openbsdnow@hotmail.com>

References:
- privsep checking
  - From: Ted U <grendel@heorot.stanford.edu>

Prev by Date: Re: CVS tag for OpenSSH 3.3
Next by Date: Re: tightest fstab
Prev by thread: privsep checking
Next by thread: Re: privsep checking
Index(es):
- Date
- Thread