Privsep is now required.

author: Darren Tucker <dtucker@dtucker.net> 2019-09-19 15:41:23 +1000
committer: Darren Tucker <dtucker@dtucker.net> 2019-09-19 15:41:23 +1000
commit: 5a273a33ca1410351cb484af7db7c13e8b4e8e4e (patch)
tree: bf54186a04ea1f0a2ced7fc902f191c1d1a13ab6 /README.privsep
parent: 8aa2aa3cd4d27d14e74b247c773696349472ef20 (diff)
1 files changed, 4 insertions, 7 deletions
diff --git a/README.privsep b/README.privsep
index 460e90565..d658c46db 100644
--- a/README.privsep
+++ b/README.privsep
@@ -5,13 +5,10 @@ escalation by containing corruption to an unprivileged process.
 More information is available at:
        http://www.citi.umich.edu/u/provos/ssh/privsep.html
-Privilege separation is now enabled by default; see the
+Privilege separation is now mandatory.  During the pre-authentication
-UsePrivilegeSeparation option in sshd_config(5).
+phase sshd will chroot(2) to "/var/empty" and change its privileges to the
+"sshd" user and its primary group.  sshd is a pseudo-account that should
-When privsep is enabled, during the pre-authentication phase sshd will
+not be used by other daemons, and must be locked and should contain a
-chroot(2) to "/var/empty" and change its privileges to the "sshd" user
-and its primary group.  sshd is a pseudo-account that should not be
-used by other daemons, and must be locked and should contain a
 "nologin" or invalid shell.
 You should do something like the following to prepare the privsep
author	Darren Tucker <dtucker@dtucker.net>	2019-09-19 15:41:23 +1000
committer	Darren Tucker <dtucker@dtucker.net>	2019-09-19 15:41:23 +1000
commit	5a273a33ca1410351cb484af7db7c13e8b4e8e4e (patch)
tree	bf54186a04ea1f0a2ced7fc902f191c1d1a13ab6 /README.privsep
parent	8aa2aa3cd4d27d14e74b247c773696349472ef20 (diff)

diff --git a/README.privsep b/README.privsep index 460e90565..d658c46db 100644 --- a/README.privsep +++ b/README.privsep
@@ -5,13 +5,10 @@ escalation by containing corruption to an unprivileged process.
5	More information is available at:	5	More information is available at:
6	http://www.citi.umich.edu/u/provos/ssh/privsep.html	6	http://www.citi.umich.edu/u/provos/ssh/privsep.html
7		7
8	Privilege separation is now enabled by default; see the	8	Privilege separation is now mandatory. During the pre-authentication
9	UsePrivilegeSeparation option in sshd_config(5).	9	phase sshd will chroot(2) to "/var/empty" and change its privileges to the
10		10	"sshd" user and its primary group. sshd is a pseudo-account that should
11	When privsep is enabled, during the pre-authentication phase sshd will	11	not be used by other daemons, and must be locked and should contain a
12	chroot(2) to "/var/empty" and change its privileges to the "sshd" user
13	and its primary group. sshd is a pseudo-account that should not be
14	used by other daemons, and must be locked and should contain a
15	"nologin" or invalid shell.	12	"nologin" or invalid shell.
16		13
17	You should do something like the following to prepare the privsep	14	You should do something like the following to prepare the privsep