[ale] ssh remote root exploit :-(

James P. Kinney III jkinney at localnetsolutions.com
Tue Jun 25 17:19:32 EDT 2002


Make a sshd user. From my /etc/passwd:
sshd:x:74:74::/var/empty/sshd:/bin/false

On Tue, 2002-06-25 at 16:19, John Mills wrote:
> ALErs -
> 
> On Mon, 24 Jun 2002, David Bronson wrote:
> 
> > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102495293705094&q=raw
> 
> >From the linked note:
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> However, everyone should update to OpenSSH 3.3 immediately, and enable
> priv seperation in their ssh daemons, by setting this in your
> /etc/ssh/sshd_config file:
> 
>         UsePrivilegeSeparation yes
> 
> Depending on what your system is, privsep may break some ssh
> functionality.  However, with privsep turned on, you are immune from
> at least one remote hole.  Understand?
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
> I'm building openssh-3.3p1 from sources, and wondered which user to name
> for the 'separated' user. I chose 'nobody' but don't know if this was a
> good option.
> 
> At startup I was told that '/var/empty' did not exist, so I created
> it. 'sshd' started, but I am not yet connecting successfully with
> 'UsePrivilegeSeparation yes' (works OK with 'no').
> 
> Thanks for any comments.
> 
>  - John Mills
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.
-- 
James P. Kinney III   \Changing the mobile computing world/
President and CEO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list