Displaying 20 results from an estimated 1000 matches similar to: "[Bug 283] New: UsePrivilegeSeparation fails on AIX, Couldn't set usrinfo:"
2002 Jun 21
5
[Bug 283] UsePrivilegeSeparation fails on AIX, Couldn't set usrinfo:
http://bugzilla.mindrot.org/show_bug.cgi?id=283
------- Additional Comments From janfrode at parallab.uib.no 2002-06-22 09:00 -------
hmm, I lost part of a sentence there.. I meant to say that commenting out:
if (usrinfo(SETUINFO, cp, i) == -1)
fatal("Couldn't set usrinfo: %s", strerror(errno));
from openbsd-compat/port-aix.c makes sshd function with
2001 Mar 15
1
News from AIX
Hi,
News from the "AIX is different than the rest of the world" department...
AIX has something similar to setluid() on SCO, just that it uses text
strings (similar to setenv()) and calls it "usrinfo". I've appended
the man page below.
Under normal conditions, well-behaved applications use ttyname(),
logname() and getuid() get the relevant informations, but today
2002 Jun 26
0
IRIX 6.5 patch for Compression with UsePrivilegeSeparation
Simon Cooper already mailed in a patch to get the effects of MAP_ANON on
IRIX systems, but it was against openssh/3.3p1. I've reapplied his
patach to openssh/3.4p1 and include it as an attachment.
Here's his explanation:
> I noticed that the recent release requires the existence of MAP_ANON to get
> an anonymous memory region. In Irix the equivalent functionality can be
>
2002 Apr 29
0
[Bug 230] New: UsePrivilegeSeparation turns off Banner.
http://bugzilla.mindrot.org/show_bug.cgi?id=230
Summary: UsePrivilegeSeparation turns off Banner.
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: OpenBSD
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2002 May 28
0
[Bug 259] New: UsePrivilegeSeparation crashed sshd under Linux 2.2
http://bugzilla.mindrot.org/show_bug.cgi?id=259
Summary: UsePrivilegeSeparation crashed sshd under Linux 2.2
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2002 Aug 12
1
PermitRootLogin=forced-commands-only does not work with UsePrivilegeSeparation=yes
Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only
does not work if UsePrivilegeSeparation is enabled; but it does work if privsep
is disabled.
Here are excerpts of debug from the server.
-----------UsePrivilegeSeparation DISABLED-------
...
Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M
debug1: restore_uid^M
debug1: ssh_dss_verify:
2005 Sep 07
4
[Bug 1080] 4.1p1 to 4.2p1 broke UsePrivilegeSeparation on HPUX
http://bugzilla.mindrot.org/show_bug.cgi?id=1080
Summary: 4.1p1 to 4.2p1 broke UsePrivilegeSeparation on HPUX
Product: Portable OpenSSH
Version: 4.2p1
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
2002 Jun 24
0
[Bug 288] New: UsePrivilegeSeparation fails on Redhat Linux 6.2, kernel 2.2.19
http://bugzilla.mindrot.org/show_bug.cgi?id=288
Summary: UsePrivilegeSeparation fails on Redhat Linux 6.2, kernel
2.2.19
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P1
Component: sshd
AssignedTo:
2014 Feb 22
2
[Bug 2204] New: gssapi-with-mic and UsePrivilegeSeparation sandbox
https://bugzilla.mindrot.org/show_bug.cgi?id=2204
Bug ID: 2204
Summary: gssapi-with-mic and UsePrivilegeSeparation sandbox
Product: Portable OpenSSH
Version: 6.4p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: Kerberos support
Assignee:
2011 Oct 20
2
[Bug 1945] New: Only 1 of the 2 krb cache files is removed on closing the ssh connection with UsePrivilegeSeparation=yes
https://bugzilla.mindrot.org/show_bug.cgi?id=1945
Bug #: 1945
Summary: Only 1 of the 2 krb cache files is removed on closing
the ssh connection with UsePrivilegeSeparation=yes
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: HP-UX
Status: NEW
2002 Jul 08
0
[Bug 339] New: 3.4p1: UsePrivilegeSeparation breaks key fingerprint logging
http://bugzilla.mindrot.org/show_bug.cgi?id=339
Summary: 3.4p1: UsePrivilegeSeparation breaks key fingerprint
logging
Product: Portable OpenSSH
Version: -current
Platform: All
URL: http://www.catnook.com/misc/sshd-key-fp-logging.txt
OS/Version: Solaris
Status: NEW
Severity: normal
2005 Apr 20
3
[Bug 1020] PrintLastLog doesn't work for UsePrivilegeseparation yes
http://bugzilla.mindrot.org/show_bug.cgi?id=1020
Summary: PrintLastLog doesn't work for UsePrivilegeseparation yes
Product: Portable OpenSSH
Version: 4.0p1
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2005 Apr 20
1
[Bug 1021] PrintLastLog doesn't work for UsePrivilegeseparation yes
http://bugzilla.mindrot.org/show_bug.cgi?id=1021
Summary: PrintLastLog doesn't work for UsePrivilegeseparation yes
Product: Portable OpenSSH
Version: 4.0p1
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2002 Jun 27
3
UsePrivilegeSeparation: "fatal: xrealloc: out of memory"
I just upgraded to OpenSSH 3.4p1 from 2.5.2p2 to take advantage of
privilege separation. After installation, when a user tries to login
he gets dropped almost immediately. In the server's
/var/log/messages:
Jun 26 20:15:04 sclp3 sshd[6433]: Accepted password for jason from 128.165.148.66 port 41871 ssh2
Jun 26 20:15:12 sclp3 jason[110]: sshd[6444]: fatal: xrealloc: out of memory (new_size
2005 May 18
0
Problems with RhostRSAAuthecntication and UsePrivilegeSeparation (RH9, 2.4.20-42.9.legacybigmem)
Hi,
for some days now I am/was fighting with an annoying problem. I have
to support an environment where RhostRSAAuthecntication via
/etc/ssh/sshd_known_hosts is used for password-less login.
This works fine with RH7.3 (and RH8) and openssh versions
openssh-3.1p1-3 (and openssh-3.4p1-2).
Our customer has now requested an upgrade to RH9. That comes with
openssh-3.5p-11 and the password-less
2002 Jun 25
1
[Bug 259] UsePrivilegeSeparation crashed sshd under Linux 2.2
http://bugzilla.mindrot.org/show_bug.cgi?id=259
------- Additional Comments From Al.Smith at gold.net 2002-06-25 18:09 -------
Linux 2.2 defines MAP_ANON in <bits/mman.h>, however it can seen in
/usr/src/linux/mm/mmap.c (lines 200 onwards) that if MAP_ANON is used
then the system call will return -EINVAL.
The following is a quick hack to get openssh to compile on linux 2.2:
diff -ur
2002 Jun 25
1
PrivSep and AIX 4.3.2
With 3.3p1 built on AIX 4.3.2:
$ ssh [blah]
Couldn't set usrinfo: Not owner
debug1: Calling cleanup 0x20019080(0x200219a0)
debug3: mm_request_send entering: type 27
debug1: Calling cleanup 0x20018dd4(0x0)
Connection to songohan closed by remote host.
Connection to songohan closed.
Output from sshd -d -d -d:
...
debug3: tty_parse_modes: 92 0
debug3: tty_parse_modes: 93 0
2002 Jun 22
2
AIX Package build update.
Hello All,
I've updated the AIX package builder (contrib/aix/buildbff.sh). The
changes are below. Please review and commit if OK.
First, a question: Does anyone want SRC (System Resource Controller)
support in the packages? I don't use it but I've been sent an example of
how do do it without modifying sshd itself.
Onto the changes:
* Supports PrivSep. Postinstall will create
2017 Aug 06
3
deprecation of UsePrivilegeSeparation breaks container use cases
Hello,
there are emerging container services that restrict regular users to
launch containers under some random uid for security reasons. If such
user needs sshd in their container, they need to turn off
`UsePrivilegeSeparation` so that sshd is executed as the current uid
and not `root`.
I understand that privilege separation [1] is more than changing the
process uid. On the other hand, it is
2002 May 28
5
Problems with UsePrivilegeSeparation (was: port fwd as user != root?
I just upgraded to OpenSSH3.2.3p1 as it seemed that
UsePrivilegeSeparation yes
might help with my problem (connections forwarded
are owned by root instead of the user I logged in as
on the server), but instead, sshd barfs on receiving
a connection. Without UsePrivilegeSeparation
the server works fine.
# strace -o /tmp/sshd.str sshd -d
debug1: sshd version OpenSSH_3.2.3p1
debug1: private host