Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a linux dns server/smtp server that I configured. I would eventually remove the mouse, keyboard and monitor and hide the box somewhere and leave it running all the time. I installed the latest openssl and openssh package by source (I am running Redhat 5.2). I find that I can only remote login if I login as root. If I login as any other user, the connection to the linux box is closed by remote host. This happens even If I try to ssh locally with ssh -l user localhost. If I look at the logs I see password authentication succeeded
channel 0: new [client-session]
channel 0: send open
Entering interactive session
callback start
ssh_session2_setup:id 0
channel 0:request pty-req
channel 0:request shell
callback done
channel 0: open confirm rwindow - rmax 32768
channel_free: channel 0: client-session,nchannels 1
Connection to localhost closed by remote host
Connection to localhost closed.
Transferred : stdin 0, stdout 0, stderr 81 bytes in 0.4 seconds
Bytes per second: stdin 0.0, stdout 0.0, stderr 217.1
Exit status -1
In /var/log/messages I see:
Accepted password for user from 127.0.0.1 port 104 ssh2
fatal : mm_receive_fd : expected type 1 got 10443377
If I login as root, everything is fine loggin in remotely or locally. Thanks for any help you can give.
Thank You Very Much!
I deleted the sshd priv sep user and group and then disabled it in sshd_config. User can now log on. You just saved me countless hours of figuring out.
I hope you realize privsep makes part of sshd run as root, and part in a chroot. By disabling privsep you're effectively weakening your boxes security posture by making the whole of sshd run as root. IMHO a good way to assess/curb risks would be to review the restrictions you place on remote access (if you can) using the directives in sshd_config, TCP Wrappers and the firewall.
IIRC it's an mmap related issue in 2.2x and below, but you'd better read up on these discussions in any mailinglist archiving site like Neohapsis.com or Der-keiler.de.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.