This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: How do I run sshd as a particular user?


On Sat, Apr 12, 2008 at 10:06 AM, Corinna Vinschen
<corinna-cygwin@cygwin.com> wrote:
> On Apr 12 01:11, Robert McKay wrote:
>  > In order to run sshd as an unprivileged user I had to use a nasty
>  > hexedit hack on the sshd.exe file to replace the seteuid() call (which
>  > fails / returns -1 without admin privileges and causes sshd to exit)
>  > with a call to isalpha() which has (almost) the same function
>  > prototype, but always returns 0 unless your userid 'is an alphanumeric
>  > charater' :)
>
>  Aaaaargh!
>
>  I don't know what you're doing wrong but this is *totally* unnecessary.
>  You can run sshd as unprivileged user without having to change the
>  sshd code.  You can do this while another sshd is running on
>  port 22 under a privileged account.  What the user has to do is to create
>  her own sshd_config file and own host keys.  If no other sshd is running
>  on the machine, just chown the host key files in /etc and switch off
>  privilege separation in /etc/sshd_config.

Interesting.. are you sure your account doesn't have the allow replace
process token privilege?

I'll take another look this when I get the chance.. perhaps sshd has
changed in some way.

Cheers,

Rob.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]