brent saner via plug on 17 Jun 2020 13:57:49 -0700



Re: [PLUG] sshd as regular user




On Wed, Jun 17, 2020, 16:29 Rich Freeman <r-plug@thefreemanclan.net> wrote:
On Wed, Jun 17, 2020 at 11:18 AM brent timothy saner via plug
<plug@lists.phillylinux.org> wrote:
>
> I actually managed to get this working in 8.3 (7.6 introduced a
> bugfix[0]). However, the caveats are:
>
> - it requires a configuration with some basic security features disabled

How many of those features are relevant given that it isn't running as
root in the first place?  sshd is security-sensitive because it is a
daemon that must run as root to login as any user, and it listens on a
publicly-accessible port.

Non-privileged ports spawned by regular users are publicly-accessible too. ;)

StrictModes was the one that concerned me the most. Even if the hostkeys, for instance, are chowned as the user, StrictModes still caused failure to start. Not to mention the running user would have potential to alter which keys are authorized for their account (something you can prevent with root sshd), modify the hostkeys, modify the sshd_config itself, and probably some other chicanery. You could change the user's default shell to mitigate SOME of these, but that often leads to an entirely new can of worms.

I didn't think to try it with chowning root:usergrp, setting it to a mode that would allow the invoking user to read but not modify the files, but I presume that wouldn't work either (as the whole purpose of StrictModes is to e.g. in part prevent non-root reading of private keys, etc.).

So while we aren't talking levels of rsh/telnet lack of security here, it does prevent some rather effective further mitigation measures.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
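The StrictModes behaviour discussed in the thread is a walk from the target file (authorized_keys, in the common case) up through its parent directories, rejecting any component that is not owned by the login user or root, or that is group- or world-writable. The following is an added example, not code from the thread or from OpenSSH, that re-implements that walk in POSIX sh so the failure cases can be reproduced on a constructed directory tree. It assumes GNU coreutils `stat -c` (Linux); the function name `strict_modes_check` and the demo layout are this example's own.

```shell
#!/bin/sh
# Added example: re-implementation of the ownership/permission walk that
# OpenSSH's StrictModes applies to authorized_keys and its parent directories.
# Not OpenSSH's own code. Assumes GNU `stat -c` (on BSD/macOS use stat -f '%Lp %u').

# strict_modes_check FILE STOP_DIR UID
# Returns 0 when FILE and every directory from it up to STOP_DIR (inclusive)
# are owned by UID or by root and carry no group/other write bit; 1 otherwise.
strict_modes_check() {
    file=$1; stop=$2; uid=$3
    path=$file
    while :; do
        out=$(stat -c '%a %u' "$path") || return 1
        set -- $out
        mode=$1; owner=$2
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "bad ownership on $path (uid $owner)" >&2
            return 1
        fi
        # 022 masks the group and other write bits; "0$mode" is read as octal.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "bad modes on $path ($mode)" >&2
            return 1
        fi
        [ "$path" = "$stop" ] && return 0
        parent=$(dirname "$path")
        [ "$parent" = "$path" ] && return 0    # reached the filesystem root
        path=$parent
    done
}

# Constructed demo: a throwaway "home" directory, first with tight modes,
# then with a group-writable .ssh directory, which is what StrictModes rejects.
demo() {
    home=$(mktemp -d)
    me=$(id -u)
    mkdir -p "$home/.ssh"
    echo '# constructed placeholder, not a real key' > "$home/.ssh/authorized_keys"
    chmod 700 "$home" "$home/.ssh"
    chmod 600 "$home/.ssh/authorized_keys"
    strict_modes_check "$home/.ssh/authorized_keys" "$home" "$me"; tight=$?
    chmod 775 "$home/.ssh"
    strict_modes_check "$home/.ssh/authorized_keys" "$home" "$me"; loose=$?
    rm -rf "$home"
    echo "tight layout: rc=$tight   group-writable .ssh: rc=$loose"
}

demo
```

A root-owned file with mode 0640 passes this walk (owner 0, no group or other write bit), so it is the ownership rule rather than the mode rule that decides the root:usergrp case raised above; the walk also stops at the home directory, so permissions above it are not part of the check.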