After upgrading to the latest OpenSSH version 3.4p1, a couple of my backup scripts failed w/ "Permission denied.". After, I disabled privsep w/ "UsePrivilegeSeparation no", the backup scripts started working again. Of course, I would like to re-enable privsep. If additional information from me would be helpful, please don't hesitate to ask.
Seeing this here too; it appears that when auth2.c:userauth_finish is called, forced_command has been cleared (or perhaps, never set in that forked sshd) so the call to auth_root_allowed(method) returns 0. The following patch makes forced-command logins as root work again, but I doubt this is the right fix. In fact the below may have serious problems; no warranties. Looking at (but not testing) today's snapshot, this appears to still be a problem. If so I'm surpised more people haven't run into this...? --- openssh-3.4p1/auth2.c Fri Jun 21 02:21:11 2002 +++ openssh-3.4p1-hap-2/auth2.c Fri Jul 12 15:35:52 2002 @@ -206,6 +206,7 @@ /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && + !options.permit_root_login == PERMIT_FORCED_ONLY && !auth_root_allowed(method)) authenticated = 0;
*** This bug has been marked as a duplicate of 387 ***
Mass change of RESOLVED bugs to CLOSED