Splitting of sshd binaries in 9.8?

I realize that the splitting of the sshd binaries is a work in progress.
Nonetheless I am trying to make a diagram of the situation as of 9.8.
How close have I gotten?

Is it correct that currently for a basic session, binaries are run four
ways?

1. A privileged binary to listen for incoming connections (66717 below)

2. A privileged session monitor to track the session, for the duration
of the session (1095 below)

3. A temporary, unprivileged binary to negotiate the key exchange and
the authentication with the privileged monitor (6801 below)

4. An unprivileged binary running as the main account for the duration
of the session (95350 below)

Here is what I am seeing with ps:

$ ps -ax -o user,pid,ppid,args | grep [s]shd
root     66717     1 sshd: /usr/sbin/sshd [listener] 0 of 10-100
startups (sshd)

$ ps -ax -o user,pid,ppid,args | grep [s]shd
root     66717     1 sshd: /usr/sbin/sshd [listener] 1 of 10-100
startups (sshd)
root      1095 66717 sshd-session: lars [priv] (sshd-session)
sshd      6801  1095 sshd-session: lars [net] (sshd-session)

$ ps -ax -o user,pid,ppid,args | grep [s]shd
root     66717     1 sshd: /usr/sbin/sshd [listener] 0 of 10-100
startups (sshd)
root      1095 66717 sshd-session: lars [priv] (sshd-session)
lars     95350  1095 sshd-session: lars@ttyp1 (sshd-session)

And here is an ASCII art interpretation sequence, partially based on
Niels Provos' privilege separation diagram from 2003:

+----------+
|  priv    | <========================================= New Connection
| listener |
|  (root)  |
|          |
|          |  +---------+
|          +--+  priv   |
|          |  | session |
|          |  | monitor |
|          |  | (root)  |                  +--------+
|          |  |         +------------------+ unpriv |
|          |  |         |                  |   net  | ==> Key Exchange
|          |  |         |                  | (sshd) | <==
|          |  |         |                  |        |
|          |  |         |                  |        | ==> Authentication
|          |  |         |                  |        | <==
|          |  |         | <== Req Auth === |        |
|          |  |         | = Auth Result => |        |
|          |  |         |                  +--------+
|          |  |         |
|          |  |         |                  +---------+
|          |  |         +------------------+ unpriv  |
|          |  |         |                  | session |
|          |  |         | <== Req PTY ==== | (lars)  |
|          |  |         | === Pass PTY ==> |         |
|          |  |         |                  |         | ==> Net traffic
|          |  |         |                  |         | <==
+----------+  +---------+                  +---------+

Have I missed or misinterpreted anything?

Thanks.
/Lars
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
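The four-process layout described in the post can be checked mechanically from the same `ps -ax -o user,pid,ppid,args` output. The script below is an added example, not code from the post or from OpenSSH: it parses ps lines in the format quoted above (with the wrapped `startups (sshd)` fragment rejoined), tags each process as listener, monitor, net or session from its process title, and verifies the privilege-separation invariants the diagram implies: the listener and the per-connection `[priv]` monitor run as root, the `[net]` child runs as the dedicated unprivileged account (assumed here to be `sshd`, as in the post) under the monitor, and the post-authentication child runs as the logged-in user under the same monitor. The title regexes and the "bad" snapshot (a `[net]` child running as root) are constructed assumptions for the example.

```python
"""Check OpenSSH 9.8 privilege-separation layout from ps output.

Added example, not part of the mailing-list post or of OpenSSH itself.
It assumes the process-title formats shown in the post, e.g.
  "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups (sshd)"
  "sshd-session: lars [priv] (sshd-session)"
  "sshd-session: lars [net] (sshd-session)"
  "sshd-session: lars@ttyp1 (sshd-session)"
"""
import re
from dataclasses import dataclass


@dataclass
class Proc:
    user: str
    pid: int
    ppid: int
    args: str


# Role detection from the process title (assumed formats, see module docstring).
# Each pattern's first group, where present, is the login name the process serves.
ROLE_PATTERNS = [
    ("listener", re.compile(r"^sshd: .*\[listener\]")),
    ("monitor", re.compile(r"^sshd-session: (\S+) \[priv\]")),
    ("net", re.compile(r"^sshd-session: (\S+) \[net\]")),
    ("session", re.compile(r"^sshd-session: (\S+)@\S+")),
]


def parse_ps(text):
    """Parse `ps -o user,pid,ppid,args` lines (a header line, if any, is skipped)."""
    procs = []
    for line in text.strip().splitlines():
        line = line.strip()
        if not line or line.startswith("USER"):
            continue
        user, pid, ppid, args = line.split(None, 3)
        procs.append(Proc(user, int(pid), int(ppid), args))
    return procs


def classify(proc):
    """Return (role, login) for an sshd process, or (None, None) if not sshd."""
    for role, pat in ROLE_PATTERNS:
        m = pat.match(proc.args)
        if m:
            return role, (m.group(1) if m.groups() else None)
    return None, None


def roles_present(procs):
    """Sorted list of distinct sshd roles found in the snapshot."""
    return sorted({classify(p)[0] for p in procs if classify(p)[0]})


def check_privsep(procs, privsep_user="sshd"):
    """Return a list of invariant violations; an empty list means the layout is as expected."""
    roles = {p.pid: classify(p) for p in procs}
    findings = []
    for p in procs:
        role, login = roles[p.pid]
        if role is None:
            continue
        prole, plogin = roles.get(p.ppid, (None, None))
        if role == "listener" and p.user != "root":
            findings.append(f"listener pid {p.pid} runs as {p.user}, expected root")
        elif role == "monitor":
            if p.user != "root":
                findings.append(f"monitor pid {p.pid} runs as {p.user}, expected root")
            if prole != "listener":
                findings.append(f"monitor pid {p.pid} parent {p.ppid} is not the listener")
        elif role == "net":
            if p.user != privsep_user:
                findings.append(f"net pid {p.pid} runs as {p.user}, expected {privsep_user}")
            if prole != "monitor" or plogin != login:
                findings.append(f"net pid {p.pid} is not a child of the {login} monitor")
        elif role == "session":
            if p.user != login:
                findings.append(f"session pid {p.pid} runs as {p.user}, expected {login}")
            if prole != "monitor" or plogin != login:
                findings.append(f"session pid {p.pid} is not a child of the {login} monitor")
    return findings


# Snapshots from the post, with the wrapped "startups (sshd)" fragment rejoined.
SNAPSHOT_AUTH = """
root     66717     1 sshd: /usr/sbin/sshd [listener] 1 of 10-100 startups (sshd)
root      1095 66717 sshd-session: lars [priv] (sshd-session)
sshd      6801  1095 sshd-session: lars [net] (sshd-session)
"""
SNAPSHOT_SESSION = """
root     66717     1 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups (sshd)
root      1095 66717 sshd-session: lars [priv] (sshd-session)
lars     95350  1095 sshd-session: lars@ttyp1 (sshd-session)
"""
# Constructed negative case: the [net] child running as root, which the
# privilege-separation design is meant to prevent.
SNAPSHOT_BAD = """
root     66717     1 sshd: /usr/sbin/sshd [listener] 1 of 10-100 startups (sshd)
root      1095 66717 sshd-session: lars [priv] (sshd-session)
root      6801  1095 sshd-session: lars [net] (sshd-session)
"""

if __name__ == "__main__":
    for name, snap in [("auth", SNAPSHOT_AUTH), ("session", SNAPSHOT_SESSION), ("bad", SNAPSHOT_BAD)]:
        procs = parse_ps(snap)
        print(name, roles_present(procs), check_privsep(procs) or "ok")
```

On a live host, feed the real output in with `parse_ps(subprocess.check_output(["ps", "-ax", "-o", "user,pid,ppid,args"], text=True))`; the `privsep_user` argument is there because the unprivileged account name varies between operating systems.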