Hi OpenSSH developers, "UsePrivilegeSeparation no" causes sshd to not use setuid when starting up. This is useful for running sshd without any privileges in the first place. That is, running sshd as an unprivileged user, rather than as root. There are a number of uses for this. In particular, I do this as part of a test suite, where I run sshd to test some code which uses the SSH protocol. Requiring root to run my test suite is quite undesirable. UsePrivilegeSeparation is currently deprecated, and prints a warning message when used. I suggest that UsePrivilegeSeparation should be explicitly supported for running sshd as non-root. Perhaps "UsePrivilegeSeparation no" should not print a warning message when sshd is running as non-root; or perhaps there should be a "UsePrivilegeSeparation unprivileged" which causes sshd to abort if it's running as root. Or perhaps something else entirely; in any case, I hope UsePrivilegeSeparation is not removed, since it is useful for this purpose. Thanks! _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
