Hi,
When connecting to SSHD and authenticating as a user, in what sequence
are various processes launched (shell / shell with "-l" argument / sshd
child / login(1)), and in particular, at what stage are login.conf
settings enforced into the process context by login(1)?
I would guess this is what's described by the "LOGIN PROCESS" section
in the sshd(8) man page:
* A child SSHD process is spawned already at connect time, meaning
prior to step 1,
* Steps 1 up to 4 are run as root by the sshd child,
* login(1) is execve:ed at step "4. Changes to run with normal user
privileges.", and it will
* enforce login.conf settings in the process context (rlimits,
umask, etc.) while still root,
* change user, and
* execve /bin/sh (or sshd??) to perform the remaining steps (5-9)
* The user's shell (without "-l") is execve:ed in step 9.
http://man.openbsd.org/sshd.8#LOGIN_PROCESS
http://man.openbsd.org/login.conf.5
Also I'd guess it should be a similar process for SFTP, telnet, and
other authenticated services.
Is this any correctly understood?
Tinker
