Non-forking sshd?

From: Jan Kokoska (kokoska.jan_at_globe.cz)
Date: 12/15/03

  • Next message: Spiewak, Jakub: "RE: how to copy filename with spaces using scp"
    To: secureshell@securityfocus.com
    Date: Mon, 15 Dec 2003 15:14:56 +0100
    
    

    Hello,

    I am looking for a suggestion regarding my desired use of sshd:

    Some of the situations I would like to use ssh to connect to a remote
    server are when the system is in faulty state, unable to fork more
    processes. Ssh is the only means of actualy fixing it, instead of
    rebooting it, and I am curious if there's any suggested way to get
    around this?

    Even if i had a non-forking sshd in debug mode running on some esotheric
    port accepting only root key, not password (as the sshd:22 in my setup
    does anyway), for one-time sysadmin use, it couldn't fork a process to
    run /bin/bash.

    Do you think it would be reasonable to try and hack the source in
    attempt to prefork bash? (Could be a quick and dirty fix, not assuming
    any other user than root, hence no problems with suid).

    Or is there some other known way you suggest instead?

    Please CC me on reply as I'm not subscribed.

    Thanks for your brain cycles :-)

    Regards,

    -- 
    Jan Kokoska - Programator IT aplikaci
    =========================
    kokoska.jan@globe.cz
    Mobil: +420 728 286 070
    ICQ:   85 53 59 04
    =========================
    Globe Internet, s.r.o. - http://globe.cz
    Planickova 1, 162 00 Praha 6 - http://mapa.globe.cz
    

  • Next message: Spiewak, Jakub: "RE: how to copy filename with spaces using scp"

    Relevant Pages

    • Re: (Q) ssh without password verification -- change in RH-8.0 ?
      ... >sshd will not accept. ... Thanks for the suggestion. ... But "ssh -v" solved my problem -- ... I was forgetting we are all American now. ...
      (comp.os.linux.security)
    • Re: ssh with tcp_wrappers!! contd/-
      ... Thanks a lot for such a huge response, of course typing mistake, i was using DenyHost not DenyGhost; as suggested by david and others i did this, ... Login, as root, to my Linux system containing the sshd server. ... i am not willing to compile openssh package is there any way out via rpm installation. ... Then try to ssh to localhost. ...
      (RedHat)
    • Re: use ipchains to block all ports > 60,000
      ... else going on here except sshd which allows me to log in and monitor the ... Telnet not running but here's the ouput of ssh -V and sshd -V ... OK, ran that from an external box and it showed open ports 22, 80, plus ... My ISP looked for evidence of massive scans emanating from my ip address ...
      (comp.os.linux.security)
    • remote administration of upgrades
      ... server that I administer runs FreeBSD 4.8, ... have ssh access to ... don't want to fubar sshd and then not be able to ... kill only the ...
      (freebsd-questions)
    • Re: Is OpenSSH 3.5p1 secure?
      ... Do not allow root access over ssh. ... Do allow access over ssh for one and only one user. ... Here are a couple specific recommendations for you that you may wish ... Make sure your Protocol 2 RSA or DSA sshd keys are at the very ...
      (comp.security.ssh)