45

Why does sshd require an absolute path when restarting, e.g /usr/sbin/sshd rather than sshd

Are there any security implications?

P.S the error message:

# sshd
sshd re-exec requires execution with an absolute path
daisy
  • 54,555

2 Answers2

41

This is specific to OpenSSH from version 3.9 onwards.

For every new connection, sshd will re-execute itself, to ensure that all execute-time randomisations are re-generated for each new connection. In order for sshd to re-execute itself, it needs to know the full path to itself.

Here's a quote from the release notes for 3.9:

  • Make sshd(8) re-execute itself on accepting a new connection. This security measure ensures that all execute-time randomisations are reapplied for each connection rather than once, for the master process' lifetime. This includes mmap and malloc mappings, shared library addressing, shared library mapping order, ProPolice and StackGhost cookies on systems that support such things

In any case, it is usually better to restart a service using either its init script (e.g. /etc/init.d/sshd restart) or using service sshd restart. If nothing else, it will help you verify that the service will start properly after the next reboot...

(original answer, now irrelevant: My first guess would be that /usr/sbin isn't in your $PATH.)

Jenny D
  • 13,172
11

This is to prevent someone from injecting a sshd program somewhere in one of the directories in your PATH and you inadvertently executing it. This post from 2004 already describes the issue.

vpseg
  • 13
Timo
  • 6,332
  • 1
    While that post describes the issue correctly, the conclusions drawn in the thread are erroneous. It's not a bug, it's a feature :-) – Jenny D Jan 15 '14 at 08:44
  • @JennyD Why do you think it is a bug? I never implied that. – Timo Jan 15 '14 at 13:31
  • In the post you linked to, one response was "Bug that crept in through the upgrade to the latest openssh". None of the answers in that thread mentioned the actual reason for requiring a full path - some mentioned the same reason you do, which is very plausible and shows why it's a good idea to use the full path for any program opening login possibilities. But that is not the actual reason for this particular program having that requirement. – Jenny D Jan 15 '14 at 13:39
  • "sshd from $PATH" is a known security flaw, allowing Black Hat to have a different sshd run – waltinator Apr 13 '22 at 19:00