turn on privilege separation, as 3.2.1 default do.

requires sshd uid/gid as well as /var/empty directory.

UPDATING

@@ -1,4 +1,4 @@
-$NetBSD: UPDATING,v 1.60 2002/05/02 22:13:30 sommerfeld Exp $
+$NetBSD: UPDATING,v 1.61 2002/05/14 23:33:07 itojun Exp $
 
 This file is intended to be a brief introduction to the build
 process and a reference on what to do if something doesn't work.
@@ -8,6 +8,21 @@ For a more detailed description see Makefile.
 Recent changes:
 ^^^^^^^^^^^^^^^
 
+20020515:
+	sshd user/group has been added.  Need to hand add this in, or sshd
+	will not let you log in (with default, or UsePrivlegeSeparation=yes)
+
+	Add the following into /etc/group:
+
+	sshd:*:16:
+
+	and the following to /etc/master.passwd (via vipw):
+
+	sshd:*:16:16::0:0:sshd privsep:/var/empty:/sbin/nologin
+	
+	also /var/empty directory needs to be present (digged as a part of
+	build process).
+
 20020426:
 	NBUILDJOBS obsoleted in favor of just using -j.
 

crypto/dist/ssh/servconf.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: servconf.c,v 1.18 2002/05/13 02:58:18 itojun Exp $	*/
+/*	$NetBSD: servconf.c,v 1.19 2002/05/14 23:33:07 itojun Exp $	*/
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -235,9 +235,9 @@ fill_default_server_options(ServerOptions *options)
 	if (options->authorized_keys_file == NULL)
 		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
 
-	/* Turn privilege separation _off_ by default */
+	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
-		use_privsep = 0;
+		use_privsep = 1;
 }
 
 /* Keyword tokens. */

crypto/dist/ssh/sshd.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: sshd.c,v 1.20 2002/05/13 02:58:19 itojun Exp $	*/
+/*	$NetBSD: sshd.c,v 1.21 2002/05/14 23:33:08 itojun Exp $	*/
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -43,7 +43,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.240 2002/04/23 22:16:29 djm Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.241 2002/05/13 15:53:19 millert Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1295,6 +1295,14 @@ main(int ac, char **av)
 
 	/* This is the child processing a new connection. */
 
+	/*
+	 * Create a new session and process group since the 4.4BSD
+	 * setlogin() affects the entire process group.  We don't
+	 * want the child to be able to affect the parent.
+	 */
+	if (setsid() < 0)
+		error("setsid: %.100s", strerror(errno));
+
 	/*
 	 * Disable the key regeneration alarm.  We will not regenerate the
 	 * key since we are no longer in a position to give it to anyone. We
@@ -1686,8 +1694,6 @@ do_ssh2_kex(void)
 {
 	Kex *kex;
 
-/* KEXINIT */
-
 	if (options.ciphers != NULL) {
 		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
 		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;

crypto/dist/ssh/sshd_config

@@ -1,4 +1,4 @@
-#	$NetBSD: sshd_config,v 1.13 2002/05/13 02:58:19 itojun Exp $
+#	$NetBSD: sshd_config,v 1.14 2002/05/14 23:33:08 itojun Exp $
 #	$OpenBSD: sshd_config,v 1.52 2002/05/04 02:39:35 deraadt Exp $
 
 # This is the sshd server system-wide configuration file.  See sshd(8)
@@ -76,7 +76,7 @@
 #PrintLastLog yes
 #KeepAlive yes
 #UseLogin no
-#UsePrivilegeSeparation no
+#UsePrivilegeSeparation yes
 
 #MaxStartups 10
 # no default banner path