[Hcoop-discuss] Port forwarding and sshd option UsePrivilegeSeparation

Davor Ocelic docelic at hcoop.net
Wed Nov 2 11:08:36 EST 2005


On Tue, Oct 25, 2005 at 01:36:00PM -0400, Anil K. Narayanan wrote:
> I am trying to get port forwarding working with my account on
> fyodor. The firewall rule and socket permissions are in place for
> irc.freenode.net:6667 (for my login) but ssh complains saying 'channel
> 2: open failed: connect failed: Connection refused'.  I am however
> able to get hcoop.net:80 forwarded. This makes it look like the reason
> might be the sshd process running as root instead of my own login
> (considering the per user firewall rules that might be setup). So
> wanted to know if turning on the UsePrivilegeSeparation option in sshd
> configuration would affect us. And other ways I can get the
> forwarding working.

Well, I don't like privilege separation very much, I think it's a 
wrong solution for the wrong problem.

However, if we have some side benefits of using it, it's all fine
with me. I thought it was the default anyway.




More information about the HCoop-Discuss mailing list