All,
I have been playing with sshd for a while, but still haven't gotten it to work on my system. I set up my rc.local file per kb7sqi's instructions and prngd is installed and running. But it appears that sshd is not running on my system. When I try to confirm with the ps -aux command, it is not there. As root, I tried to manually load it and get the following error:
root@olympic/usr/local/sbin$sshd
This platform does not support both privilege separation and compression
Compression disabled
Privilege separation user sshd does not exist
After running this command and verifying with ps -aux, there is no sshd loaded.
root@olympic/usr/local/sbin$ps -aux
USER PID %CPU %MEM VSIZE RSIZE TT STAT TIME COMMAND
root 204 0.2 7.7 20.0M 2.48M ? SW 0:06 - console (WindowServer)
root 205 0.2 6.1 5.73M 1.96M ? SW 0:06 - console (loginwindow)
root 1 0.0 0.3 736K 96K ? SW 0:00 /usr/etc/init -xx
root -1 0.0 9.1 17.3M 2.90M ? S < 0:00 <mach-task>
root -1 0.0 0.0 0K 0K ? S 0:00 <mach-task>
root 2 0.0 0.4 768K 136K co SW 0:00 (mach_init)
root 3 0.0 3.1 2.99M 1000K ? SW 0:01 /usr/etc/kern_loader -n
root -1 0.0 0.0 0K 0K ? ?W< 0:00 <mach-task>
root 90 0.0 1.0 1.58M 320K ? SW 0:00 /usr/etc/syslogd
root 23 0.0 1.7 6.73M 560K ? S 0:00 (nmserver)
root 100 0.0 1.0 1.59M 312K ? SW 0:00 /usr/etc/nibindd
root 101 0.0 1.3 1.63M 440K ? SW 0:01 /usr/etc/netinfod local
root 105 0.0 1.3 1.67M 432K ? SW 0:00 (lookupd)
root 110 0.0 0.5 1.65M 152K ? S 0:00 (biod)
root 111 0.0 0.5 1.65M 152K ? S 0:00 (biod)
root 113 0.0 0.5 1.65M 152K ? S 0:00 (biod)
root 95 0.0 0.8 1.57M 272K ? SW 0:00 /usr/etc/portmap
root 122 0.0 0.7 1.69M 240K ? SW 0:00 (autonfsmount)
root 128 0.0 0.5 1.68M 168K ? S 0:00 (bootpd)
root 112 0.0 0.5 1.65M 152K ? S 0:00 (biod)
root 137 0.0 1.0 1.58M 336K ? SW 0:00 (inetd)
root 143 0.0 1.1 1.70M 352K ? S 0:00 -accepting connections (sen
root 148 0.0 1.2 2.13M 384K ? SW 0:00 (lpd)
root 157 0.0 0.6 2.12M 192K ? SW 0:00 /usr/lib/lpd
root 159 0.0 1.2 1.74M 384K ? SW 0:00 (pbs)
root 170 0.0 1.7 3.71M 544K ? SWN 0:00 (npd)
root 171 0.0 1.1 1.69M 360K co SW 0:06 /usr/local/sbin/prngd /etc/
root 188 0.0 1.1 2.48M 360K co SW 0:00 (stunnel)
root 190 0.0 1.4 2.18M 448K co SW 0:00 (ISLicenseServer)
root 196 0.0 0.5 1.65M 160K ? SW 0:00 update
root 199 0.0 0.9 1.65M 288K ? SW 0:00 (cron)
root 0 0.0 9.1 17.3M 2.90M ? R N 16:39 (kernel idle)
root 131 0.0 1.0 1.58M 312K ? SW 0:00 (rpc.bootparamd)
root -1 0.0 0.0 0K 0K ? S 0:00 <mach-task>
root -1 0.0 0.0 0K 0K ? S 0:00 <mach-task>
root 211 0.0 1.2 1.61M 400K p0 SW 0:02 telnetd
brian 212 0.0 2.9 2.10M 944K p0 SW 0:01 -bash (bash)
root 224 0.0 2.8 2.10M 920K p0 SW 0:01 su
root 254 0.0 1.7 1.96M 568K p0 R 0:00 ps -aux
root@olympic/usr/local/sbin$
I tried both the default sshd_config file and uncommenting the line port 22. But it has made no difference.
Any help would be appreciated.
Brian
"Privilege separation user sshd does not exist" - This may be a clue..
Thanks,
I added the sshd group and sshd user to NetInfo and also in the /etc/group and /etc/passwd files. I used 27 for both the gid and uid. The daemon is loading now on port 22. I still can't log in remotely, but at least I am making some progress.
When I attempt to log in, I get:
brian@Brians-MacBook-Pro:~$ ssh 10.0.1.200
brian@10.0.1.200's password:
Connection to 10.0.1.200 closed by remote host.
Connection to 10.0.1.200 closed.
brian@Brians-MacBook-Pro:~$
I think I'm going to quit for the day and then play with the sshd_config file tomorrow.
Brian
I had this all set up. I am being forced to reload it all.
In your sshd_config file, look for #UsePrivilegeSeparation yes
Take away the comment # sign and change yes to no
Reboot
NeXTSTEP and OPENSTEP did not have POSIX authentication separation available in PRNGD
-Jeff
Thanks for that last bit of advice. sshd is up and running on my system now.
Great. And you are very welcome.
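
A pre-flight check for the start-up failure in this thread, added here as an example and not part of the original posts: it reports whether sshd will hit "Privilege separation user sshd does not exist" and flags the UsePrivilegeSeparation no workaround, which leaves pre-authentication network code running as root. The function names, the assumed default of yes, and reading accounts from a passwd-format file (rather than NetInfo) are assumptions.

```sh
# Added example. Assumptions: UsePrivilegeSeparation defaults to "yes" when
# unset; accounts are read from a passwd-format file passed as an argument.

# Print the effective UsePrivilegeSeparation value (first occurrence wins,
# keywords are case-insensitive, "key value" and "key=value" both accepted).
privsep_setting() {
    awk '
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        { split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "useprivilegeseparation" {
            print tolower(f[2]); found = 1; exit
        }
        END { if (!found) print "yes" }
    ' "$1"
}

# Succeed if the named account has an entry in the passwd-format file.
user_in_passwd() {
    awk -F: -v u="$1" '$1 == u { ok = 1 } END { exit !ok }' "$2"
}

# Return 0 if sshd can get past its privilege-separation start-up check.
privsep_check() {
    if [ "$(privsep_setting "$1")" = "no" ]; then
        echo "WARN: privilege separation off, pre-auth code runs as root"
        return 0
    fi
    if user_in_passwd sshd "$2"; then
        echo "OK: privilege separation user sshd exists"
        return 0
    fi
    echo "FAIL: Privilege separation user sshd does not exist"
    return 1
}

# Constructed sample files reproducing the three states seen in the thread.
demo() {
    d=$(mktemp -d) || return 1
    printf '#UsePrivilegeSeparation yes\n#Port 22\n' > "$d/default_config"
    printf 'UsePrivilegeSeparation no\n' > "$d/nopriv_config"
    printf 'root:*:0:1:Operator:/:/bin/csh\n' > "$d/passwd"
    privsep_check "$d/default_config" "$d/passwd" || true   # FAIL
    privsep_check "$d/nopriv_config" "$d/passwd"            # WARN
    printf 'sshd:*:27:27:sshd privsep:/var/empty:/bin/false\n' >> "$d/passwd"
    privsep_check "$d/default_config" "$d/passwd"           # OK
    rm -rf "$d"
}
demo
```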