Searched refs:privsep (Results 1 – 15 of 15) sorted by relevance
| /freebsd/crypto/openssh/ |
| H A D | README.privsep | 1 Privilege separation, or privsep, is method in OpenSSH by which
6 http://www.citi.umich.edu/u/provos/ssh/privsep.html
14 You should do something like the following to prepare the privsep
21 # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
26 privsep user and chroot directory:
28 --with-privsep-path=xxx Path for privilege separation chroot
29 --with-privsep-user=user Specify non-privileged user for privilege separation
31 PAM-enabled OpenSSH is known to function with privsep on AIX, FreeBSD,
35 of privsep is supported. Post-authentication privsep is disabled
38 Note that for a normal interactive login with a shell, enabling privsep
|
| H A D | TODO | 6 - Merge INSTALL & README.privsep
|
| H A D | ChangeLog | 575 starts very early in the session. Relative early in OpenSSH lifetime, privsep
1518 the privsep preauth process.
1692 privilege separation entirely because privsep requires PTY allocation
1703 privsep process retain privilege (other platforms that set the
1714 delay lookup of privsep user until config loaded
1717 decide whether it needed to lookup the privsep user before the
1719 that caused it always to try to lookup the privsep user, breaking at
1757 upstream: reap preauth net child if it hangs up during privsep message
1777 upstream: reap the pre-auth [net] child if it hangs up during privsep
1821 upstream: reap the [net] child if it hangs up while writing privsep
[all …]
|
| H A D | INSTALL | 13 separation. See README.privsep for details.
|
| H A D | configure.ac | 3603 AC_ARG_WITH([privsep-user],
3604 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
3856 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing])
4958 AC_ARG_WITH([privsep-path],
4959 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
|
| /freebsd/crypto/openssh/.github/ |
| H A D | configs | 105 privsep="--with-privsep-user=root"
106 CONFIGFLAGS="$CONFIGFLAGS $features $hardening $privsep"
|
| /freebsd/crypto/openssh/contrib/cygwin/ |
| H A D | Makefile | 51 -$(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep
|
| /freebsd/sbin/pflogd/ |
| H A D | Makefile | 5 SRCS= pflogd.c pidfile.c privsep.c privsep_fdpass.c
|
| /freebsd/sbin/dhclient/ |
| H A D | Makefile | 39 parse.c privsep.c
|
| /freebsd/etc/ |
| H A D | master.passwd | 17 _pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
|
| /freebsd/crypto/openssh/regress/ |
| H A D | README.regress | 69 connect-privsep.sh: proxy connect with privsep
|
| H A D | Makefile | 28 connect-privsep \
|
| /freebsd/crypto/openssh/contrib/aix/ |
| H A D | buildbff.sh | 225 echo UsePrivilegeSeparation not enabled, privsep directory not required.
|
| /freebsd/crypto/openssh/contrib/suse/ |
| H A D | openssh.spec | 141 --with-privsep-path=/var/lib/empty \
|
| /freebsd/crypto/openssh/contrib/redhat/ |
| H A D | openssh.spec | 213 --with-privsep-path=%{_var}/empty/sshd \
|