bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-21 19:20 UTC
[Bug 1344] New: DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344 Summary: DISABLE_FD_PASSING does not work if sshd invoked by inetd Product: Portable OpenSSH Version: 4.6p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: kraai at ftbfs.org If DISABLE_FD_PASSING is defined and sshd is invoked by inetd, the connection is closed immediately. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-21 19:22 UTC
[Bug 1344] DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344 --- Comment #1 from Matt Kraai <kraai at ftbfs.org> 2007-07-22 05:21:58 --- Created an attachment (id=1329) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1329) Initialize use_privsep based on DISABLE_FD_PASSING The attached patch fixes the problem by initializing use_privsep based on DISABLE_FD_PASSING. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-22 03:06 UTC
[Bug 1344] DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2007-07-22 13:06:09 --- (In reply to comment #1)> Created an attachment (id=1329)--> (http://bugzilla.mindrot.org/attachment.cgi?id=1329) [details]> Initialize use_privsep based on DISABLE_FD_PASSING > > The attached patch fixes the problem by initializing use_privsep based > on DISABLE_FD_PASSING.This does not seem to be a general problem: on Linux, at least, an sshd built with DISABLE_FD_PASSING still works with inetd mode. It would be interesting to know if there's a problem on the other platforms that normally set DISABLE_FD_PASSING. Could you please provide the debug output from sshd, either by setting "LogLevel debug3" in sshd_config and collecting the messages from wherever syslog puts them, or by running sshd in inetd mode as a proxycommand, eg ssh -o "ProxyCommand sudo /usr/local/sbin/sshd -ddde -i" yourserver Thanks. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-22 04:36 UTC
[Bug 1344] DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344 --- Comment #3 from Matt Kraai <kraai at ftbfs.org> 2007-07-22 14:36:26 --- (In reply to comment #2)> (In reply to comment #1) > > Created an attachment (id=1329)--> (http://bugzilla.mindrot.org/attachment.cgi?id=1329) [details] [details]> > Initialize use_privsep based on DISABLE_FD_PASSING > > > > The attached patch fixes the problem by initializing use_privsep based > > on DISABLE_FD_PASSING. > > This does not seem to be a general problem: on Linux, at least, an sshd > built with DISABLE_FD_PASSING still works with inetd mode. It would be > interesting to know if there's a problem on the other platforms that > normally set DISABLE_FD_PASSING. > > Could you please provide the debug output from sshd, either by setting > "LogLevel debug3" in sshd_config and collecting the messages from > wherever syslog puts them, or by running sshd in inetd mode as a > proxycommand, eg > > ssh -o "ProxyCommand sudo /usr/local/sbin/sshd -ddde -i" yourserverI won't have access to a QNX system until Monday, but I'll check it out then. Thanks for the help. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Jul-24 06:02 UTC
[Bug 1344] DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344 Matt Kraai <kraai at ftbfs.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #4 from Matt Kraai <kraai at ftbfs.org> 2007-07-24 16:02:24 --- (In reply to comment #2)> This does not seem to be a general problem: on Linux, at least, an sshd > built with DISABLE_FD_PASSING still works with inetd mode. It would be > interesting to know if there's a problem on the other platforms that > normally set DISABLE_FD_PASSING.You're right, it was user error. I hadn't created the sshd group and user. Once I did so (and applied the patch for bug 1343), I was able to log in successfully. Thanks for the help. -- Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Apr-03 23:00 UTC
[Bug 1344] DISABLE_FD_PASSING does not work if sshd invoked by inetd
https://bugzilla.mindrot.org/show_bug.cgi?id=1344 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #5 from Damien Miller <djm at mindrot.org> 2008-04-04 10:00:17 --- Close resolved bugs after release. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 1343] New: Privilege separation does not work on QNX
- [Bug 1149] Does not build on QNX
- [Bug 1113] Add Interix authentication support
- Fwd: BUG: Documentation/lguest/lguest.c bad paths for includes cause make to fail
- Fwd: BUG: Documentation/lguest/lguest.c bad paths for includes cause make to fail