Linux Intrusion Detection System FAQ
Prev	Chapter 5. Configuring LIDS	Next

5.20. Why doesn't ssh or scp work when LIDS is enabled?

By default, ssh/scp try to use a privileged port for the source port when creating an outgoing connection. This requires the CAP_NET_BIND_SERVICE capability. However, you can specify the following option in the ssh_config file to force it to use a port above 1023 for the source port:
UsePrivilegedPort no
Or, you can grant CAP_NET_BIND_SERVICE to ssh (since scp uses ssh, it will work also):
lidsconf -A -s /usr/bin/ssh -o CAP_NET_BIND_SERVICE 22 -j GRANT

Prev	Home	Next
How do I give passwd the proper permissions to update the /etc/shadow file?	Up	Open-SSH won't start at boot time. LIDS reports that `bash` tried to access a hidden file. How can I fix this?