[Replying to John Madden's recent post, which unfortunately I've
already deleted locally.]
John, the bulleted notes in the most recent Debian security advisory
on this matter cast some light on your experiences, and clear up the
/etc/ssh/sshd_config default-settings matter:
http://www.debian.org/security/2002/dsa-134
I notice that, contrary to what the advisory says, installing the Debian
Security Team's update package did _not_ create group sshd on my
systems, so I did so myself. Priv sep does appear to work as described.
(The advisory further confirms what you said about priv sep being the
default even without the keyword.)
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
