Date: Mon, 30 Dec 2002 17:27:47 +0100 (CET) From: Thomas Quinot <thomas@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/46635: Can't ssh after su (/dev/tty permission denied) Message-ID: <20021230162747.3A851121@zuydcoote.int.act-europe.fr>
next in thread | raw e-mail | index | archive | help
>Number: 46635 >Category: bin >Synopsis: Can't ssh after su (/dev/tty permission denied) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Dec 30 08:30:02 PST 2002 >Closed-Date: >Last-Modified: >Originator: Thomas Quinot <thomas@freebsd.org> >Release: FreeBSD 5.0-DP2 i386 >Organization: >Environment: System: FreeBSD zuydcoote.int 5.0-DP2 FreeBSD 5.0-DP2 #0: Fri Dec 27 14:24:57 CET 2002 quinot@zuydcoote.int:/usr/src/sys/i386/compile/ZUYDCOOTE i386 >Description: If I su from one user to another, I am unable to make an outgoing ssh connection from the su'd shell using password authentication, because ssh tries (and fails) to open /dev/tty (which still belongs to the original user). This used to work on -STABLE because /dev/tty was not the same device as the actual tty device, and could therefore have 666 permissions (which make sense -- allowing each process to open its own controlling tty). >How-To-Repeat: zuydcoote# ls -l /dev/tty crw--w---- 1 root tty 5, 0 Dec 30 17:22 /dev/tty zuydcoote# su - quinot (quinot@zuydcoote) ~ $ ssh remote.host Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password,hostbased). (quinot@zuydcoote) ~ $ ls -l /dev/tty crw--w---- 1 root tty 5, 0 30 dec 17:22 /dev/tty >Fix: None known so far (apart from working around the problem by setting /dev/tty* to 0666...). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021230162747.3A851121>