RE: non-root login problems
From: Aaron Roberts (aaron@domicilium.com)
Date: 12/18/02
- Previous message: Markus Friedl: "Re: Replacing non-interactive ftp connections with sftp?"
- Maybe in reply to: Aaron Roberts: "non-root login problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 18 Dec 2002 14:45:27 -0000 From: "Aaron Roberts" <aaron@domicilium.com> To: <secureshell@securityfocus.com>
Hi Pierre,
sshd_config is in the right place, I had to alter it to 'PermitRootLogin yes'.
Thanks,
Aaron
-----Original Message-----
From: Pierre Lamy [mailto:pierre@userid.org]
Sent: 17 December 2002 18:12
To: Aaron Roberts
Subject: Re: non-root login problems
Is the ssh config file the same place as before?
Check /usr/local/etc
P
Aaron Roberts wrote:
>Hi all,
> I've just upgraded from openssh-3.0.2p1 to openssh-3.4p1 on a RedHat 7.1 Linux machine.
>
>sshd runs fine, but I can no longer login except with username root!
>
>What puzzles me is that the exact same useraccount could login ok before the upgrade - I have also performed the same upgrade on other similar systems with no problem.
>
>Does anyone have any ideas?
>
>Many thanks,
> Aaron
>
>I have included configure options, debug output and sshd_config below, I'm using PuTTY 0.51 to connect:
>
>---------------------------------------------
>
>CFLAGS="-O3 -march=i686 -mcpu=i686 -funroll-loops" \
> ./configure \
> --prefix=/usr \
> --sysconfdir=/etc/ssh \
> --libexecdir=/usr/libexec/openssh \
> --mandir=/usr/share/man \
> --with-pam \
> --with-ipaddr-display \
> --with-ipv4-default \
> --with-md5-passwords
>
>------------------------------------------
>
>[root@betty /]# sshd -d
>
>debug1: sshd version OpenSSH_3.4p1
>debug1: private host key: #0 type 0 RSA1
>debug1: read PEM private key done: type DSA
>debug1: private host key: #1 type 2 DSA
>debug1: read PEM private key done: type RSA
>debug1: private host key: #2 type 1 RSA
>debug1: Bind to port 22 on 0.0.0.0.
>Server listening on 0.0.0.0 port 22.
>Generating 768 bit RSA key.
>RSA key generation complete.
>debug1: Server will not fork when running in debugging mode.
>Connection from x.x.x.x port 1409
>debug1: Client protocol version 2.0; client software version PuTTY
>debug1: no match: PuTTY
>Enabling compatibility mode for protocol 2.0
>debug1: Local version string SSH-1.99-OpenSSH_3.4p1
>debug1: list_hostkey_types: ssh-dss,ssh-rsa
>debug1: SSH2_MSG_KEXINIT sent
>debug1: SSH2_MSG_KEXINIT received
>debug1: kex: client->server 3des-cbc hmac-sha1 zlib
>debug1: kex: server->client 3des-cbc hmac-sha1 zlib
>debug1: dh_gen_key: priv key bits set: 195/384
>debug1: bits set: 491/1024
>debug1: expecting SSH2_MSG_KEXDH_INIT
>debug1: bits set: 507/1024
>debug1: kex_derive_keys
>debug1: newkeys: mode 1
>debug1: Enabling compression at level 6.
>debug1: SSH2_MSG_NEWKEYS sent
>debug1: waiting for SSH2_MSG_NEWKEYS
>debug1: newkeys: mode 0
>debug1: SSH2_MSG_NEWKEYS received
>debug1: KEX done
>debug1: userauth-request for user remote service ssh-connection method password
>debug1: attempt 0 failures 0
>debug1: Starting up PAM with username "remote"
>debug1: PAM setting rhost to "x.x.x.x"
>debug1: PAM Password authentication accepted for user "remote"
>Accepted password for remote from x.x.x.x port 1409 ssh2
>Accepted password for remote from x.x.x.x port 1409 ssh2
>debug1: monitor_child_preauth: remote has been authenticated by privileged process
>debug1: PAM establishing creds
>debug1: newkeys: mode 0
>debug1: newkeys: mode 1
>debug1: Entering interactive session for SSH2.
>debug1: fd 7 setting O_NONBLOCK
>debug1: fd 8 setting O_NONBLOCK
>debug1: server_init_dispatch_20
>debug1: server_input_channel_open: ctype session rchan 100 win 32768 max 16384
>debug1: input_session_request
>debug1: channel 0: new [server-session]
>debug1: session_new: init
>debug1: session_new: session 0
>debug1: session_open: channel 0
>debug1: session_open: session 0: link with channel 0
>debug1: server_input_channel_open: confirm session
>debug1: server_input_channel_req: channel 0 request pty-req reply 1
>debug1: session_by_channel: session 0 channel 0
>debug1: session_input_channel_req: session 0 req pty-req
>login_get_lastlog: Cannot find account for uid 500
>debug1: Calling cleanup 0x80699a0(0x0)
>debug1: channel_free: channel 0: server-session, nchannels 1
>debug1: Calling cleanup 0x8054470(0x0)
>debug1: Calling cleanup 0x8078300(0x0)
>debug1: Calling cleanup 0x8054470(0x0)
>debug1: Calling cleanup 0x8078300(0x0)
>
>-------------------------------------------------
>
>Port 22
>ListenAddress 0.0.0.0
>HostKey /etc/ssh/ssh_host_key
>HostKey /etc/ssh/ssh_host_dsa_key
>HostKey /etc/ssh/ssh_host_rsa_key
>ServerKeyBits 768
>LoginGraceTime 60
>KeyRegenerationInterval 3600
>PermitRootLogin yes
>IgnoreRhosts yes
>IgnoreUserKnownHosts yes
>StrictModes yes
>X11Forwarding no
>PrintMotd yes
>KeepAlive yes
>SyslogFacility AUTH
>LogLevel INFO
>RhostsAuthentication no
>RhostsRSAAuthentication no
>RSAAuthentication yes
>PasswordAuthentication yes
>PermitEmptyPasswords no
>AllowUsers aaron2 aaron remote 500 root
>PAMAuthenticationViaKbdInt yes
>Subsystem sftp /usr/libexec/openssh/sftp-server
>
>--------------------------------------------------
>
>Aaron Roberts mailto:aroberts@domicilium.com
>Technical Support Engineer
>Domicilium (IOM) Ltd.
>32-34 Malew Street
>Castletown
>Isle of Man
>IM9 1AF
>Tel: 01624 825278
>Fax: 01624 829525
>http://www.domicilium.com
>
>
- Next message: vijay.somaya@orbitech.co.in: "Openssh-3.5, Kerberos 5 support"
- Previous message: Markus Friedl: "Re: Replacing non-interactive ftp connections with sftp?"
- Maybe in reply to: Aaron Roberts: "non-root login problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
