[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: privsep checking

To: misc@openbsd.org
Subject: Re: privsep checking
From: Lars Hansson <lars@unet.net.ph>
Date: Tue, 25 Jun 2002 12:35:34 +0800
References: <Pine.BSO.4.44.0206240926370.5693-100000@heorot.stanford.edu> <200206250204.g5P24QLI031709@cvs.openbsd.org>

On Mon, 24 Jun 2002 20:04:26 -0600
"Theo de Raadt" <deraadt@cvs.openbsd.org> wrote:

> > Is there some method to verify that sshd is running in privsep mode?
> 
> Do a non-root ssh to the machine in question.
> 
> On the machine in question, see if ps shows two entries for that connection:
> 
> Like this:
> 
> deraadt   4676  0.0  0.0   400  1040 ??  I     Thu10PM    0:00.01 sshd: deraadt@ttyp0 (sshd)
> root      9269  0.0  0.0   396  1228 ??  Is    Thu10PM    0:00.03 sshd: deraadt [priv] (sshd)
> 
> 
> See the [priv]?
> 
> That's your sign.

A slightly related question:
Does privsep work differently on pre-3.1 systems?
I dont see any sshd processes with [priv] on my updated 2.9 and 3.0 systems.

---
Lars Hansson

Follow-Ups:
- Re: privsep checking
  - From: Hannah Schröter <hannah@schlund.de>

References:
- privsep checking
  - From: Ted U <grendel@heorot.stanford.edu>
- Re: privsep checking
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>

Prev by Date: Re: PF and Raptor SMTP gateway incompatible?
Next by Date: Re: size of state table on 3 legged machine
Prev by thread: Re: privsep checking..oops
Next by thread: Re: privsep checking
Index(es):
- Date
- Thread