Searched refs:privsep (Results 1 – 18 of 18) sorted by relevance
| /external/openssh/ |
| D | README.privsep | 1 Privilege separation, or privsep, is method in OpenSSH by which
6 http://www.citi.umich.edu/u/provos/ssh/privsep.html
11 When privsep is enabled, during the pre-authentication phase sshd will
17 You should do something like the following to prepare the privsep
24 # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
29 privsep user and chroot directory:
31 --with-privsep-path=xxx Path for privilege separation chroot
32 --with-privsep-user=user Specify non-privileged user for privilege separation
34 PAM-enabled OpenSSH is known to function with privsep on AIX, FreeBSD,
38 part of privsep is supported. Post-authentication privsep is disabled
[all …]
|
| D | TODO | 6 - Merge INSTALL & README.privsep
|
| D | INSTALL | 136 sshd for privilege separation. See README.privsep for details.
|
| D | ChangeLog | 85 Adapt Cygwin config script to privsep knob removal
130 deprecated, effectively making privsep mandatory in sandboxing mode. ok
133 (note: this doesn't remove the !privsep code paths, though that will
1301 disable Unix-domain socket forwarding when privsep is
2529 fixes sending of ext_info if privsep is disabled; report Aris Adamantiadis &
4681 Pass supported malloc options to connect-privsep.
4684 option portion of the connect-privsep test.
5498 Includes a pre-auth privsep sandbox and several pledge()
5960 fix multiple authentication using S/Key w/ privsep
7331 Avoids use-after-free in monitor when privsep child is compromised.
|
| D | configure.ac | 3103 AC_ARG_WITH([privsep-user],
3104 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
3314 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing])
4302 AC_ARG_WITH([privsep-path],
4303 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
|
| D | config.h.in | 1558 /* no privsep sandboxing */
|
| /external/openssh/regress/ |
| D | cert-userkey.sh | 49 for privsep in yes no ; do
50 _prefix="${ktype} privsep $privsep"
56 echo "UsePrivilegeSeparation $privsep"
137 echo "UsePrivilegeSeparation $privsep"
186 for privsep in yes no ; do
187 _prefix="${ktype} privsep $privsep $auth"
192 echo "UsePrivilegeSeparation $privsep"
211 echo "UsePrivilegeSeparation $privsep"
|
| D | principals-command.sh | 60 for privsep in yes no ; do
61 _prefix="privsep $privsep"
67 echo "UsePrivilegeSeparation $privsep"
138 echo "UsePrivilegeSeparation $privsep"
|
| D | cert-hostkey.sh | 123 for privsep in yes no ; do
125 verbose "$tid: host ${ktype} cert connect privsep $privsep"
130 echo UsePrivilegeSeparation $privsep
161 for privsep in yes no ; do
163 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
168 echo UsePrivilegeSeparation $privsep
|
| D | multipubkey.sh | 34 for privsep in no yes; do
38 echo "UsePrivilegeSeparation $privsep"
|
| D | README.regress | 62 connect-privsep.sh: proxy connect with privsep
|
| D | Makefile | 21 connect-privsep \
|
| D | test-exec.sh | 167 connect-privsep|reexec)
|
| /external/openssh/contrib/cygwin/ |
| D | Makefile | 50 -$(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep
|
| /external/openssh/contrib/aix/ |
| D | buildbff.sh | 226 echo UsePrivilegeSeparation not enabled, privsep directory not required.
|
| /external/openssh/contrib/suse/ |
| D | openssh.spec | 139 --with-privsep-path=/var/lib/empty \
|
| /external/ipsec-tools/src/racoon/ |
| D | Makefile.in | 81 dnssec.$(OBJEXT) getcertsbyname.$(OBJEXT) privsep.$(OBJEXT) \
520 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privsep.Po@am__quote@
|
| /external/openssh/contrib/redhat/ |
| D | openssh.spec | 197 --with-privsep-path=%{_var}/empty/sshd \
|