Hi Michael,
i upgraded to the openssh-3.5p1-107 rpms over the weekend and now i've a problem with tunneling. i use an ssh tunnel to make irc connections, now when i make an irc connection over the tunnel i connect as user root instead of as the user i make the tunnel with:
ssh 6669:irc.freenode.net:6667 michael@host.domain.org
the sshd_config is the stock that came with the rpm. am i missing something?
--> I think you have just discovered that sshd is no longer running with priviledge separation. Have you compared the new sshd_config file form the rpm to the old one ? If priviledge separation is enabled, the main sshd daemon will fork a process running under the UID of the user logging in and this process will take care of the tunneling. But the default with the new rpm is that priviledge separation is disabled, i.d. the process handling the socket and taking care of the tunneling is running as root. This would explain your observation. Have you tried to switch on priviledge separation in sshd_config, then restart the server and do the same test ? What does it say now ? HTH, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50