Old 07-04-2002, 11:59 PM   #1
Half_Elf
LQ Guru
 
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163

Rep: Reputation: 46
sshd: privilege separation?


I'm trying to install OpenSSH on my box because I heard it is far safer than telnet, but I have a few problems with it...

When I complete my installation, at the end of "make install" I get this msg :
id sshd || \
echo "WARNING: Privilege separation user \"sshd\" does not exist"
WARNING: Privilege separation user "sshd" does not exist
Id: sshd: no such user.


And when I try to start sshd, I get this msg :
Privilege Separation User sshd does not exist

What am I supposed to do? I have read some man/how-to pages, but found nothing about this... sshd_config does not contain an option about a "sshd" user.

Do I have to create a new user called sshd to make it run? I'm not sure I understand... Maybe I forgot something?

Btw, I'm not using PAM or /dev/random. The PAM home page gives me hundreds of modules/apps/options, so I don't know which ones to choose, and I don't know how to tell ssl to use /dev/random (the OpenSSH readme says something like this).

I'm feeling really about this
 
Old 07-05-2002, 12:32 AM   #2
RefriedBean
Member
 
Registered: Jun 2002
Location: N 37° 33.327 E 126° 55.650
Distribution: Gentoo, Slackware, OpenZaurus
Posts: 186

Rep: Reputation: 31
Hi there!
Just install the Slackware package of the latest version; it sets up everything for you.
(By the way, uninstall any existing versions of OpenSSH before installing the SlackPack.)
You can find it here on ftp.slackware.com in the /pub/slackware/slackware-8.1/patches/packages/ directory. Then just do this as root:

cd /pathwhereyoudownloadedOpenSSH
installpkg openssh-3.4p1-i386-1.tgz

Good Luck!
RefriedBean

Last edited by RefriedBean; 07-05-2002 at 12:33 AM.
 
Old 07-05-2002, 12:54 PM   #3
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,602

Rep: Reputation: 4084
You do need to add an sshd user if you compile from source. The following (from README.privsep) is what you need to do to set this up:

mkdir /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
groupadd sshd
useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd

--jeremy
 
Old 07-05-2002, 01:08 PM   #4
pickledbeans
Member
 
Registered: Jun 2002
Location: Bailey, CO
Distribution: Slackware
Posts: 483

Rep: Reputation: 32
You might also have to turn off compression in
sshd_conf

Can I install 8.1 ssh in a 8.0 box?
 
Old 07-05-2002, 04:10 PM   #5
Half_Elf
LQ Guru
 
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163

Original Poster
Rep: Reputation: 46
Thanks Jeremy, now I can start sshd... But I still have a problem. I can't log in; it looks like sshd doesn't want to accept my password... I will try to find what's going wrong.

Does anyone know how I can add PAM and /dev/random to ssh?
 
Old 07-05-2002, 04:21 PM   #6
pickledbeans
Member
 
Registered: Jun 2002
Location: Bailey, CO
Distribution: Slackware
Posts: 483

Rep: Reputation: 32
Does Slack even support PAM? 8.0 doesn't install it.

Did you say you compiled from source?
If so you need to enable support for md5 and shadow passwords?

You might also want to check http://linuxpackage.net

Last edited by pickledbeans; 07-05-2002 at 04:23 PM.
 
Old 07-06-2002, 01:01 PM   #7
Half_Elf
LQ Guru
 
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163

Original Poster
Rep: Reputation: 46
Yes, I compiled from source... You say I need to support md5 and shadow? How can I do this? I'm feeling a bit lost; the INSTALL text file is REALLY NOT complete. What am I supposed to support or not, and how?
 
Old 07-17-2002, 12:21 AM   #8
John_Saunders
Member
 
Registered: Jun 2002
Location: Wilmington, NC
Distribution: Red Hat 7.2
Posts: 47

Rep: Reputation: 15
I'm trying to install OpenSSH 3.4 over 2.9 to protect my server from the vulnerabilities in older versions of the software and I cannot get past this error:

/usr/local/etc/ssh_host_key already exists, skipping.
/usr/local/etc/ssh_host_dsa_key already exists, skipping.
/usr/local/etc/ssh_host_rsa_key already exists, skipping.
id sshd || \
echo "WARNING: Privilege separation user \"sshd\" does not exist"
uid=509(sshd) gid=2003(sshd) groups=2003(sshd)


I've searched many forums and Google and have found others who received this same error, but I can't get past it. I have tried this:

mkdir /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
groupadd sshd
useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd

and the error still comes up. It even shows it is finding the user and group so why does it say it doesn't exist?

I am running Red Hat 7.2 on my dedicated server.


John
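
The README.privsep setup from post #3 and the `make install` output from posts #1 and #8, checked by a script. This is an added example, not part of the thread or of OpenSSH; the function names are hypothetical, and it assumes sshd's documented requirement that the privsep directory be root-owned, not group- or world-writable, and empty.

```shell
#!/bin/sh
# Added example (hypothetical helper names), not OpenSSH or thread code.

# Read "make install" output on stdin. make echoes the recipe line
# (echo "WARNING ...) before running it, so only a line that itself starts
# with WARNING means the check fired; a uid= line is id(1) finding the user.
privsep_make_result() {
    awk '
        /^WARNING: Privilege separation user/ { r = "missing" }
        /^uid=[0-9]+\(/ && r == ""            { r = "present" }
        END { print (r == "" ? "unknown" : r) }
    '
}

# Same test the Makefile runs: does the account exist?
privsep_user_exists() { id "${1:-sshd}" >/dev/null 2>&1; }

# Check the chroot directory: owned by the expected uid (default 0, root),
# not group- or world-writable, and empty. Prints each problem found.
check_privsep_dir() {
    dir=$1 want_uid=${2:-0} bad=0
    [ -d "$dir" ] || { echo "$dir: missing"; return 1; }
    meta=$(ls -ldn "$dir" | awk '{ print $1 " " $3 }')
    mode=${meta% *} uid=${meta#* }
    [ "$uid" = "$want_uid" ] || { echo "$dir: owner uid $uid, want $want_uid"; bad=1; }
    case $mode in
        ?????w*|????????w*) echo "$dir: group- or world-writable ($mode)"; bad=1 ;;
    esac
    [ -z "$(ls -A "$dir")" ] || { echo "$dir: not empty"; bad=1; }
    return $bad
}

# Output quoted in posts #1 and #8 of the thread (abridged).
LOG_MISSING='id sshd || \
echo "WARNING: Privilege separation user \"sshd\" does not exist"
WARNING: Privilege separation user "sshd" does not exist'
LOG_PRESENT='id sshd || \
echo "WARNING: Privilege separation user \"sshd\" does not exist"
uid=509(sshd) gid=2003(sshd) groups=2003(sshd)'

printf '%s\n' "$LOG_MISSING" | privsep_make_result   # prints: missing
printf '%s\n' "$LOG_PRESENT" | privsep_make_result   # prints: present
privsep_user_exists sshd && check_privsep_dir /var/empty || true
```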
 
Old 07-17-2002, 09:30 AM   #9
needamiracle
Member
 
Registered: Apr 2002
Location: North Attleboro, MA
Distribution: RH 7.3
Posts: 106

Rep: Reputation: 15
Same problem here...

Hi,

I've been having the same problem...my post has been under RPM vs Compiling. This is the same issue that I have been having, and even after I create a user sshd, I am unable to log in as well. On the openssh site, there are some mailing list archives. This one in particular mentions Priv. Sep. user.

http://marc.theaimsgroup.com/?l=open...1468000623&w=2

I have sent an email to openssh@openssh.org but have not received a response yet.

How many others have had this problem I wonder?

Anyways, I'll keep viewing this until it is resolved.
 
Old 07-17-2002, 09:40 AM   #10
John_Saunders
Member
 
Registered: Jun 2002
Location: Wilmington, NC
Distribution: Red Hat 7.2
Posts: 47

Rep: Reputation: 15
From the results that came up in my searches I couldn't believe how many others had this same problem. The developers really should have done some beta testing before they released this. It is really frustrating.

I will keep looking and let you know if I get past the error. Please do the same


John
 
Old 07-17-2002, 09:59 AM   #11
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,602

Rep: Reputation: 4084
That isn't an error, it's a warning. You should be able to run sshd with no problems.

--jeremy
 
Old 07-17-2002, 10:11 AM   #12
needamiracle
Member
 
Registered: Apr 2002
Location: North Attleboro, MA
Distribution: RH 7.3
Posts: 106

Rep: Reputation: 15
Running sshd is not the problem, logging in from another machine is a problem. I have the same user accounts on both machines.
Permission denied (publickey,password,keyboard-interactive)
 
Old 07-17-2002, 10:41 AM   #13
John_Saunders
Member
 
Registered: Jun 2002
Location: Wilmington, NC
Distribution: Red Hat 7.2
Posts: 47

Rep: Reputation: 15
Jeremy, you are correct. They should have at least put a message below the warning saying everything should still work properly. It is very misleading.

The path to the updated SSHD is: /usr/local/sbin/sshd and the older version was /usr/local/sbin/sshd. Should I delete the directory 'sshd' in /usr/sbin?


John
 
Old 07-17-2002, 05:01 PM   #14
Half_Elf
LQ Guru
 
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163

Original Poster
Rep: Reputation: 46
My ssh is working perfectly and I still get the "warning"; it's not important, I suppose.
 
Old 07-31-2002, 04:09 AM   #15
oxeen
LQ Newbie
 
Registered: Jul 2002
Posts: 2

Rep: Reputation: 0
Quote:
Originally posted by jeremy
You do need to add an sshd user if you compile from source. The following (from README.privsep) is what you need to do to set this up:

mkdir /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
groupadd sshd
useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd

--jeremy

thanks, now it works

--oxeen
 
  

