Hi,
I'm attempting to get openssh-3.4p1 up and running on our DEC/Compaq
Alpa workstations.
They are running Tru64 Unix 5.1A. I compile the package myself.
Openssh-3.1 worked perfectly, with the default sshd_config file.
Openssh-3.4p1 works, if I set UsePrivilegeSeparation to "no" in the
sshd_config file.
NOTE: I have a secondary issue with the ListenAddress default setting
(0.0.0.0); I must either explicitly set it the server machine IP
address, or must set the address 0.0.0.0 as allowed for sshd in my
tcp-wrappers hosts.allow file. I only mention this in case it is
relevant - I don't believe it is related to privsep problems.
When I have UsePrivilegeSeparation at the default setting ("yes"), I
am able to initiate an ssh connection (subject to the NOTE info
above), but the the connection ultimately fails with the following
log entries:
Accepted password for uther from 140.172.241.43 port 2762 ssh2
cannot set login uid 8970: error Not owner.
audgen(LOGIN): Permission denied
fatal: Couldn't establish session for uther from gawain
I have the following in my /etc/passwd file:
sshd:Nologin:22:22:sshd privsep:/var/empty:/bin/false
and the following in my /etc/group file:
sshd:*:22:
and the following directory exists:
drwx------ 2 root system 8192 Oct 2 09:30 empty
I've also tried the following in my /etc/passwd file:
sshd:*:22:22:sshd privsep:/var/empty:/bin/false
Is this one of the few issues with some operating systems that is
still being worked on?
Any suggestions?
Many thanks,
Henry Miller
--
Dr. Henry LeRoy Miller, Jr.
NOAA Aeronomy Laboratory
DSRC 3A115
325 Broadway - RAL8
Boulder, CO 80305-3328
USA
phone: 303-497-7209
fax: 303-497-5686
email: miller at al.noaa.gov