From owner-freebsd-current@FreeBSD.ORG  Sun Mar 30 17:59:58 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 94D0B37B401
	for <current@freebsd.org>; Sun, 30 Mar 2003 17:59:58 -0800 (PST)
Received: from remt30.cluster1.charter.net (remt30.cluster1.charter.net
	[209.225.8.40])	by mx1.FreeBSD.org (Postfix) with ESMTP id B298B43F3F
	for <current@freebsd.org>; Sun, 30 Mar 2003 17:59:57 -0800 (PST)
	(envelope-from glennpj@charter.net)
Received: from [24.158.214.251] (HELO gforce.johnson.home)
  by remt30.cluster1.charter.net (CommuniGate Pro SMTP 3.5.9b)
  with ESMTP id 1265288; Sun, 30 Mar 2003 20:59:56 -0500
Received: from gforce.johnson.home (localhost [127.0.0.1])
	by gforce.johnson.home (8.12.9/8.12.9) with ESMTP id h2V1xqCm003024;
	Sun, 30 Mar 2003 19:59:52 -0600 (CST)
	(envelope-from glenn@gforce.johnson.home)
Received: (from glenn@localhost)
	by gforce.johnson.home (8.12.9/8.12.9/Submit) id h2V1xppG003023;
	Sun, 30 Mar 2003 19:59:51 -0600 (CST)
Date: Sun, 30 Mar 2003 19:59:51 -0600
From: Glenn Johnson <gjohnson@srrc.ars.usda.gov>
To: Rob B <rbyrnes@ozemail.com.au>
Message-ID: <20030331015951.GA2878@gforce.johnson.home>
Mail-Followup-To: Rob B <rbyrnes@ozemail.com.au>,
	Terry Lambert <tlambert2@mindspring.com>, current@freebsd.org
References: <20030328185710.GA805@node1.cluster.srrc.usda.gov>
	<5.2.0.9.2.20030331103734.0261e310@127.0.0.1>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.2.0.9.2.20030331103734.0261e310@127.0.0.1>
User-Agent: Mutt/1.5.4i
cc: current@freebsd.org
Subject: Re: ypserv and sshd not getting along in -current
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2003 02:00:02 -0000

On Mon, Mar 31, 2003 at 10:46:07AM +1000, Rob B wrote:

> At 02:55 PM 29/03/03, Terry Lambert sent this up the stick:
>
> >Glenn Johnson wrote:
> >
> >> I can not login to a box with FreeBSD 5 -current via ssh because I
> >> get the following error from ypserv:
> >>
> >> Mar 28 12:48:15 node1 ypserv[317]: access to master.passwd.byuid denied 
> >-- client 192.168.1.1:49344 not privileged
> >
> >man ypbind
> >
> >(-s is the magic incantation).
>
> I have the same issue, I tried Terry's suggestion but I don't think
> its working like it should:
> 
> On the client:
> aylee # ps fax|grep yp
>    252  ??  Is     0:0.62 /usr/sbin/ypbind -s
> 
> aylee # rpcinfo -p localhost|grep yp
>         100007   2   udp  1022    ypbind
>         100007   2   tcp   1023    ypbind
> 
> Tailing the server's log:
> Mar 31 10:10:39 erwin ypserv[92]: access to master.passwd.byuid denied -- 
> client 192.168.100.30:49255 not privileged
> 
> Why would the request be coming from a high port when I have
> specifically told it to bind to a low port?

The answer (work around) is to turn off PrivelegeSeparation in your
sshd_config file.

-- 
Glenn Johnson
glennpj@charter.net