From: Bill R. Williams (brwms@etsu.edu)
Date: Wed Sep 24 2003 - 08:38:09 EDT
Question for those of you who are using OpenSSH -- especially those
who built the newer (7.1.1p1) versions...
Are you running with the 'UsePrivilegeSeparation yes' active?
If not:
Did you configure using the '--without-privsep...' options?
Or did you keep the '--with-privsep-user...' options and
specify 'UsePrivilegeSeparation yes'
In digging around for the latest/best advice from the docs/packages
available I have noticed only one sentence (from Jan 2003
sun/blueprints document "Building OpenSSH -- Tools and Tradeoffs")
which suggests:
--with-pam
--without-privsep-user/path
This argument disables privilege separation due to PAM
interaction.
However, I see no dire warnings from the contrib/solaris files in the
OpenSSH-7.1.1p1.tar.gz package.
What PAM interactions are we talking about?
Unless there is some real reason I would feel better having
'--with-privser...' at least built in; I could then set the
'UsePrivilegeSeparation no' to disable it.
-- --------------------------------------------- Bill R. Williams <brw@etsu.edu> ------------------------ ETSU Library Systems _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:27:10 EDT