This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: openssh: privilege separation no longer supported on Cygwin? SURPRISE!
On Mon, 29 May 2017 19:14:30, Houder wrote:
[snip]
> As if the "sshd" account is NEVER, NEVER used during the _whole_ process
> (that is, there is NO privilege separation, as far as I can tell).
.. wanted to share this experience with you.
- deleted user/account 'sshd' # net user sshd /delete
- modified the last part (rid?) of the sid belonging to user/account 'sshd'
in xxxx (in /etc/passwd)
- rebooted
Before reboot, I changed 'sshd' in an automatic service (was: manual)
After the system had rebooted:
- 'cygrunsrv -Q sshd' shows 'sshd' running ...
- 'tail -f /var/log/sshd.log' shows 'sshd' listening ...
- 'net user' shows user/account 'sshd' gone ...
I can still use ssh ... (both password authentication and key authentication)
Yes, if I remove user/account 'sshd' completely from /etc/passwd, only
then 'sshd' won't start ...
Regards,
Henri
=====
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple