Network Security: Detailed info on Re: How to verify Privilege Separation is working?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: How to verify Privilege Separation is working?

from [Greg Wooledge] Network Security

[Permanent Link]

Subject:	Re: How to verify Privilege Separation is working?
Date:	Mon, 27 Sep 2004 07:53:53 -0400

On Fri, Sep 24, 2004 at 08:59:53AM +0100, Philip Le Riche wrote:

Is there a simple way to positively demonstrate that privilege
separation is working? Running ps -fe shows all sshd processes running
as root.


The easiest way is to use an account that requires password
authentication, thus:

*before*
$ ps -ef | grep ssh
    root  1499     1  0  Sep 17  ?         0:57 /usr/local/sbin/sshd

*on a client box*
$ ssh server
wooledg@server's password: 

*on the server, while the password prompt is still up*
$ ps -ef | grep ssh
    root  1499     1  0  Sep 17  ?         0:57 /usr/local/sbin/sshd
    root 17011  1499  7 07:48:12 ?         0:00 sshd: wooledg [priv]
    sshd 17013 17011  4 07:48:12 ?         0:00 sshd: wooledg [net]

(In these examples, I omitted the lines for the current ssh shell session
to avoid confusion.)

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
How to verify Privilege Separation is working?, Philip Le Riche Re: How to verify Privilege Separation is working?, Greg Wooledge <= Re: How to verify Privilege Separation is working?, David Walker

Previous by Date:	Re: how to use x11 forwarding?, Shawn Duffy
Next by Date:	SSH Tunnel Help, Phusion
Previous by Thread:	How to verify Privilege Separation is working?, Philip Le Riche
Next by Thread:	Re: How to verify Privilege Separation is working?, David Walker
Indexes:	[Date] [Thread] [Top] [All Lists]