Re: Who to run sshd as

I am not sure whether you can run sshd as a non-root user; if you can, I think there will be problems such as updating wtmp, etc.

Anyway, try setting sshd to bind to a port greater than 1024 (the Port directive in the sshd_config file).
If you want to bind to port 22 as a non-root user, try putting a rule in the nat table (in the PREROUTING chain) like the following.

iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 6665

where 6665 is the port where sshd will listen
and eth0 is the interface of your Linux box.

If you manage to run sshd as a different user successfully, please share some tips.



James Stickland wrote:
Hello, I'm running OpenSSH 4.4p1 for Linux.

I setuid the sshd binary to execute as a normal user "joe",
but that user does not have permission to bind the socket.

How can I have my sshd run as non-root, yet still bind the socket?
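
The setup suggested in the reply above, as an added example that is not part of the original thread: sshd owned by a normal user listens on a high port, and a single root-installed NAT rule sends port 22 traffic to it. The function names, the directory layout and the use of 6665 and eth0 are assumptions for illustration.

```shell
#!/bin/sh
# Added example: helper names and file locations are illustrative only.

# Succeed only for a port an unprivileged process may bind (1024-65535).
is_unprivileged_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # reject empty or non-numeric input
    esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

# Write a minimal sshd_config for an instance owned by a normal user.
# $1 = directory owned by that user, $2 = listening port.
# Password logins are disabled because a non-root sshd usually cannot
# read /etc/shadow; key-based logins as the owning user still work.
write_unpriv_sshd_config() {
    dir=$1
    port=$2
    is_unprivileged_port "$port" || {
        echo "port $port cannot be bound without root" >&2
        return 1
    }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    cat > "$dir/sshd_config" <<EOF
Port $port
HostKey $dir/ssh_host_rsa_key
PidFile $dir/sshd.pid
PasswordAuthentication no
EOF
}

# Print the rule root adds once: clients connect to port 22 on
# interface $1, while sshd itself listens on the high port $2.
redirect_rule() {
    is_unprivileged_port "$2" || return 1
    echo "iptables -t nat -I PREROUTING -i $1 -p tcp --dport 22 -j REDIRECT --to-ports $2"
}

# Typical use as the unprivileged user (sshd path is an assumption):
#   write_unpriv_sshd_config "$HOME/sshd" 6665
#   ssh-keygen -t rsa -N '' -f "$HOME/sshd/ssh_host_rsa_key"
#   /usr/sbin/sshd -f "$HOME/sshd/sshd_config"
```

The PREROUTING chain only sees packets arriving on the interface, so connections made from the box itself to port 22 are not redirected. An sshd started this way can only open sessions as the user it runs as.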
