Searched refs:privsep (Results 1 – 18 of 18) sorted by relevance
/external/openssh/ |
D | README.privsep | 1 Privilege separation, or privsep, is method in OpenSSH by which 6 http://www.citi.umich.edu/u/provos/ssh/privsep.html 15 When privsep is enabled, during the pre-authentication phase sshd will 21 You should do something like the following to prepare the privsep 28 # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd 33 privsep user and chroot directory: 35 --with-privsep-path=xxx Path for privilege separation chroot 36 --with-privsep-user=user Specify non-privileged user for privilege separation 41 PAM-enabled OpenSSH is known to function with privsep on AIX, FreeBSD, 45 part of privsep is supported. Post-authentication privsep is disabled [all …]
|
D | TODO | 6 - Merge INSTALL & README.privsep
|
D | ChangeLog | 11 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal 42 [regress/connect-privsep.sh] 122 introduce sandboxing of the pre-auth privsep child using systrace(4). 126 privsep child can perform. This prevents a compromised privsep child 132 on the list results in SIGKILL being sent to the privsep child. Note 163 make the pre-auth privsep slave log via a socketpair shared with the
|
D | INSTALL | 128 sshd for privilege separation. See README.privsep for details.
|
D | configure.ac | 2463 AC_ARG_WITH([privsep-user], 2464 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2511 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing]) 3498 AC_ARG_WITH([privsep-path], 3499 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
|
D | config.h.in | 1350 /* no privsep sandboxing */
|
D | configure | 1422 --with-privsep-user=user Specify non-privileged user for privilege separation 1426 --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)
|
/external/openssh/regress/ |
D | cert-userkey.sh | 41 for privsep in yes no ; do 42 _prefix="${ktype} privsep $privsep" 48 echo "UsePrivilegeSeparation $privsep" 124 echo "UsePrivilegeSeparation $privsep" 167 for privsep in yes no ; do 168 _prefix="${ktype} privsep $privsep $auth" 173 echo "UsePrivilegeSeparation $privsep" 187 echo "UsePrivilegeSeparation $privsep"
|
D | cert-hostkey.sh | 48 for privsep in yes no ; do 50 verbose "$tid: host ${ktype} cert connect privsep $privsep" 55 echo UsePrivilegeSeparation $privsep 90 for privsep in yes no ; do 92 verbose "$tid: host ${ktype} revoked cert privsep $privsep" 97 echo UsePrivilegeSeparation $privsep
|
D | README.regress | 62 connect-privsep.sh: proxy connect with privsep
|
D | Makefile | 17 connect-privsep \
|
/external/openssh/contrib/cygwin/ |
D | Makefile | 50 $(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep
|
D | README | 52 /usr/doc/openssh/README.privsep. According to that document the 53 privsep feature requires a non-privileged account called 'sshd'. 66 by yourself, please note that in contrast to the README.privsep document
|
/external/openssh/contrib/aix/ |
D | buildbff.sh | 226 echo UsePrivilegeSeparation not enabled, privsep directory not required.
|
/external/openssh/contrib/suse/ |
D | openssh.spec | 141 --with-privsep-path=/var/lib/empty \
|
/external/openssh/contrib/caldera/ |
D | openssh.spec | 182 --with-privsep-path=%{_var}/empty/sshd \
|
/external/ipsec-tools/src/racoon/ |
D | Makefile.in | 81 dnssec.$(OBJEXT) getcertsbyname.$(OBJEXT) privsep.$(OBJEXT) \ 520 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privsep.Po@am__quote@
|
/external/openssh/contrib/redhat/ |
D | openssh.spec | 199 --with-privsep-path=%{_var}/empty/sshd \
|