OpenSSH 4.2_p1 worked fine.

did a system update (emerge -avtDNu world). One of the updates was to OpenSSH 4.3_p1.

I didn't restart the daemon myself, but I found that all login attemps succeeded but exited immediately, with "fatal: mm_receive_fd: UsePrivilegeSeparation=yes not supported" appearing in syslog.

UsePrivilegeSeparation=yes is a _default_ for OpenSSH, I had to explicitly set it to no in the config file before anyone could log in. I'm lucky I leave lots of ssh sessions open since it's a massive hassle to plug a screen and keyboard into the server.

I couldn't find any use flags that look relevant, and google only turned up one or two messages related to 3.5 without responses, and a bunch of mirrors.

Why can OpenSSH not use its own default option?




# emerge info
Portage 2.1_pre4-r1 (default-linux/x86/2005.1, gcc-3.4.5, glibc-2.3.6-r3, 2.6.14-gentoo.peladrine i686)
=================================================================
System uname: 2.6.14-gentoo.peladrine i686 AMD Duron(tm) Processor
Gentoo Base System version 1.12.0_pre16
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.4 [enabled]
dev-lang/python:     2.3.5, 2.4.2-r1
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1-r1
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r3
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -pipe               -march=athlon-tbird             -maccumulate-outgoing-args              -momit-leaf-frame-pointer               -mfpmath=387            -mtune=athlon-tbird                             -fexpensive-optimizations              -fmove-all-movables             -fomit-frame-pointer            -fprefetch-loop-arrays          -frerun-cse-after-loop          -frerun-loop-opt                "
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/init.d /etc/env.d"
CXXFLAGS="-O2 -pipe             -march=athlon-tbird             -maccumulate-outgoing-args              -momit-leaf-frame-pointer               -mfpmath=387            -mtune=athlon-tbird                             -fexpensive-optimizations              -fmove-all-movables             -fomit-frame-pointer            -fprefetch-loop-arrays          -frerun-cse-after-loop          -frerun-loop-opt                 -fvisibility-inlines-hidden"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache distcc distlocks fixpackages sandbox sfperms strict"
GENTOO_MIRRORS="http://mirror.pacific.net.au/linux/Gentoo http://mirror.aarnet.edu.au/pub/gentoo/ http://mirror.isp.net.au/pub/gentoo/"
MAKEOPTS="-j6"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://mirror.wa.3fl.net/gentoo-portage"
USE="3dnow 3dnowext X509 a52 aac acpi aio alsa apache2 apm async atm automount avi bash-completion berkdb big-tables bind-mysql bitmap-fonts buffysize bzip2 bzlib caps cgi cli crypt curl dba dedicated divx4linux djbfft dts dvd eds emboss encode erandom exif extensions fame fastcgi foomaticdb fortran ftp gd gdbm gif glibc-omitfp gnutls gpm gstreamer gtk2 hardenedphp hpn html idn imagemagick imagemajick imlib inifile ipv6 ithreads jpeg junit libg++ libwww linuxthreads-tls logrotate lzo mad math mbox memlimit mhash mikmod mime mjpeg mmap mmx mmxext mod_perl mod_php mp3 mpeg mpm-worker mysql mysqli ncurses nethack network nls nocd nojoystick novideo nptl offensive ogg oggvorbis oss pam pam_chroot pam_console pam_timestamp pcre pdflib perl php png posix pvm python readline samba screen session shared sharedext soap sockets socks5 sse ssl sysfs tcpd threads tokenizer truetype-fonts type1-fonts unicode urandom usb userlocales utf8 vhosts vorbis win32codecs x86 xinetd xml xml2 xmlrpc xsl xvid yv12 zip zlib elibc_glibc kernel_linux userland_GNU"
Unset:  ASFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LANG, LC_ALL, LDFLAGS, LINGUAS