Re: SSHD Weirdness
At 14:53 -0600 on 9/1/99, Michael Shutes wrote:
> This really isn't an OBSD-specific question, but an SSHD question. I thought
> someone here might have an answer.
> Has anyone else noticed that if you run sshd as root or from inetd on a box
> (almost any platform, I've seen it happen on Irix, AIX, and Linux now), and
> you attempt to use the ssh client from that box to elsewhere it picks a
> random port BELOW 1024, for any given user?
> WTF? The client is sourcing from privileged ports, this annoys me.
> I'm just wondering why the hell it does that.
> Anybody know?
> Michael Shutes
> "So long as they don't get violent, I want to let everyone say what
> they wish, for I myself have always said exactly what pleased me."
> -- Albert Einstein
See sshconnect.c in ssh_create_socket():
    /* If we are running as root and want to connect to a privileged port,
       bind our own socket to a privileged port. */
Also see ssh(1), specifically the -P option.
It's tradition, and even a tradition that has reasons behind it. This comes
from rsh, and .rhosts/hosts.equiv authentication. Connections with .rhosts
auth to priv ports fail if the origin port isn't also privileged.
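The source-port convention described in this reply, sketched in C as an added example that is not part of the original message and is not taken from the ssh source. The function names and the 512 floor (the range BSD rshd accepts) are assumptions made for the illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#define RESERVED_LIMIT 1024 /* ports below this need root to bind */
#define RESERVED_FLOOR 512  /* assumed floor, the range BSD rshd accepts */

/* Server side of the .rhosts-style check: is the peer's source port privileged? */
int peer_port_is_privileged(const struct sockaddr_in *peer)
{
    unsigned port = ntohs(peer->sin_port);
    return port >= RESERVED_FLOOR && port < RESERVED_LIMIT;
}

/* Client side: bind a new TCP socket to the first free port scanning down
   from 1023. Returns the fd, or -1 with errno set (EACCES when not root). */
int bind_privileged_source(unsigned short *port_out)
{
    struct sockaddr_in sa;
    int p, saved, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    for (p = RESERVED_LIMIT - 1; p >= RESERVED_FLOOR; p--) {
        sa.sin_port = htons((unsigned short)p);
        if (bind(fd, (struct sockaddr *)&sa, sizeof sa) == 0) {
            *port_out = (unsigned short)p;
            return fd;
        }
        if (errno != EADDRINUSE) break; /* e.g. EACCES: unprivileged caller */
    }
    saved = errno;
    close(fd);
    errno = saved;
    return -1;
}

int main(void)
{
    unsigned short port = 0;
    int fd = bind_privileged_source(&port);
    if (fd < 0) { perror("bind_privileged_source"); return 1; }
    printf("bound privileged source port %u\n", (unsigned)port);
    return close(fd);
}
```

Run as an ordinary user, the client half normally fails with EACCES, which is why only a root-run (or setuid) client can satisfy the server-side check.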