connect-privsep.sh revision 225825
1225825Sdes# $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $ 298937Sdes# Placed in the Public Domain. 398937Sdes 498937Sdestid="proxy connect with privsep" 598937Sdes 6225825Sdescp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig 798937Sdesecho 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy 898937Sdes 998937Sdesfor p in 1 2; do 1098937Sdes ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 1198937Sdes if [ $? -ne 0 ]; then 1298937Sdes fail "ssh privsep+proxyconnect protocol $p failed" 1398937Sdes fi 1498937Sdesdone 15225825Sdes 16225825Sdescp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy 17225825Sdesecho 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy 18225825Sdes 19225825Sdesfor p in 1 2; do 20225825Sdes ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 21225825Sdes if [ $? -ne 0 ]; then 22225825Sdes # XXX replace this with fail once sandbox has stabilised 23225825Sdes warn "ssh privsep/sandbox+proxyconnect protocol $p failed" 24225825Sdes fi 25225825Sdesdone 26