[Re: [suse-security] Open-SSH-3.4p1 and Kernel 2.0.x]
I just wanted to report the same problem as Christoph pointed with open-SSH-3.4p1 and kernel 2.0.x, after standard compilation: # /usr/sbin/sshd
This platform does not support both privilege separation and compression compression disabled Privilege separation user sshd does not exist
-----------------
And this is an advice from an openssh developper: The issue is your using Linux 2.2 or below kernel which does not support the required mmap() features we need. This issue will be addressed in the next release. Until then just diable compression. -> This is still not working. Any comments? Th. Christoph Wegener wrote:
Hi, does anybody have a kernel 2.0.x and Open-SSH-3.4p1 running _WITH_ SepPriv activated?!? I always get an mm error even when compression is turned off... :((
Thanx for any hint Christoph -- .-. Ruhr-Universitaet Bochum /v\ L I N U X Lehrstuhl fuer Biophysik // \\ >Penguin Computing< c/o Christoph Wegener /( )\ Gebaeude ND 04/Nord ^^-^^ D-44780 Bochum, GERMANY
Tel: +49 (234) 32-25754 Fax: +49 (234) 32-14626 mailto:cwe@bph.ruhr-uni-bochum.de http://www.bph.ruhr-uni-bochum.de
On Fri, Jun 28, 2002 at 10:35:02AM +0200, Thierry Lombardot wrote:
I just wanted to report the same problem as Christoph pointed with open-SSH-3.4p1 and kernel 2.0.x, after standard compilation:
# /usr/sbin/sshd
This platform does not support both privilege separation and compression compression disabled Privilege separation user sshd does not exist
-----------------
And this is an advice from an openssh developper:
The issue is your using Linux 2.2 or below kernel which does not support the required mmap() features we need. This issue will be addressed in the next release. Until then just diable compression.
-> This is still not working.
Our 3.3p1 source rpm has a patch by Solar Designer which needs slight tweaking for 3.4 (as far as I can tell, just an #ifdef changed). Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann
Hi, I patched the files (monitor_mm.c and monitor_mm.h) manually since the patch-file form Solar designer did not work (Open-SSH-3.3 <-> Open-SSH-3.4) cause they changed ifdef's... Now it works - but ONLY for root: Jun 28 12:41:49 NAME sshd[19103]: Accepted password for root from xxx port x ssh2 Jun 28 12:42:13 NAME sshd[19128]: Accepted password for webadmin from xxx port x ssh2 Jun 28 12:42:13 NAME sshd[19130]: fatal: mm_receive_fd: expected type 1 got 1074324033 Any hints?!? Christoph PS: attached you can find my monitor_mm.c and monitor_mm.h 28.6.2002 10:37:30, Olaf Kirch <okir@suse.de> wrote:
On Fri, Jun 28, 2002 at 10:35:02AM +0200, Thierry Lombardot wrote:
I just wanted to report the same problem as Christoph pointed with open-SSH-3.4p1 and kernel 2.0.x, after standard compilation:
# /usr/sbin/sshd
This platform does not support both privilege separation and compression compression disabled Privilege separation user sshd does not exist
-----------------
And this is an advice from an openssh developper:
The issue is your using Linux 2.2 or below kernel which does not support the required mmap() features we need. This issue will be addressed in the next release. Until then just diable compression.
-> This is still not working.
Our 3.3p1 source rpm has a patch by Solar Designer which needs slight tweaking for 3.4 (as far as I can tell, just an #ifdef changed).
Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann -- .-. Ruhr-Universitaet Bochum /v\ L I N U X Lehrstuhl fuer Biophysik // \\ >Penguin Computing< c/o Christoph Wegener /( )\ Gebaeude ND 04/Nord ^^-^^ D-44780 Bochum, GERMANY
Tel: +49 (234) 32-25754 Fax: +49 (234) 32-14626 mailto:cwe@bph.ruhr-uni-bochum.de http://www.bph.ruhr-uni-bochum.de
participants (3)
-
Christoph Wegener -
Olaf Kirch -
Thierry Lombardot