OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Steffen Dettmer (steffendett.de)
Date: Fri Jun 28 2002 - 02:49:42 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    * Frank Heimann wrote on Thu, Jun 27, 2002 at 16:48 +0200:
    > On Thu, Jun 27, 2002 at 11:39:32AM +0200, Steffen Dettmer wrote:
    > The user sshd is just used during the authentication-process.
    > http://www.citi.umich.edu/u/provos/ssh/priv.jpg shows it pretty well.
    >
    > A with root previledges running sshd process listens on port 22.
    > When someone tries to login via ssh, this sshd forks, chroot()s to /var/empty
    > and changes his uid to the uid of the user sshd.

    Ohh I see! There isn't "an authentication process" but an
    authentication process for each connection, forked on demand!

    > I hope this helps a bit.

    Yes, of course, now it's clear, thank you very much!

    oki,

    Steffen 

    -- 
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here