Error with PAM and OpenSSH 3.7.1p1 on Solaris 8

From: Andreas DahlÚn (andreas.dahlen_at_nbit.sigma.se)
Date: 09/19/03

  • Next message: Mac Schwarz: "Re: new openssh on openbsd 3.2"
    Date: Fri, 19 Sep 2003 10:45:40 +0200
    To: secureshell@securityfocus.com
    
    

    Hello!

    When I built 3.7.1p1 (and 3.7p1) with PAM support I can't login.
    The same beahvior is regardless client (tried SecureCRT, Putty, ssh 3.7.1p2, ssh 3.4p1), so it has to be some problem with the server.

    When running 3.6.1p2 login via PAM worked fine.

    OpenSSH is configured withe the following:
    ./configure --prefix=/usr/local --with-pam --with-rand-helper

    Output from sshd -d:
    debug1: sshd version OpenSSH_3.7p1
    debug1: read PEM private key done: type RSA
    debug1: private host key: #0 type 1 RSA
    debug1: read PEM private key done: type DSA
    debug1: private host key: #1 type 2 DSA
    debug1: Bind to port 2222 on ::.
    Server listening on :: port 2222.
    debug1: Bind to port 2222 on 0.0.0.0.
    Server listening on 0.0.0.0 port 2222.
    debug1: Server will not fork when running in debugging mode.
    Connection from 10.11.12.13 port 4708
    debug1: Client protocol version 2.0; client software version 3.4.4 SecureCRT
    debug1: no match: 3.4.4 SecureCRT
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.7p1
    debug1: permanently_set_uid: 106/101
    debug1: list_hostkey_types: ssh-rsa,ssh-dss
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: client->server aes128-cbc hmac-md5 zlib
    debug1: kex: server->client aes128-cbc hmac-md5 zlib
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
    debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    debug1: Enabling compression at level 6.
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: KEX done
    debug1: userauth-request for user LOGINUSER service ssh-connection
    method none
    debug1: attempt 0 failures 0
    debug1: PAM: initializing for "LOGINUSER"
    debug1: PAM: setting PAM_RHOST to "hostname.example.com"
    debug1: PAM: setting PAM_TTY to "ssh"
    Failed none for LOGINUSER from 10.11.12.13 port 4708 ssh2
    Failed none for LOGINUSER from 10.11.12.13 port 4708 ssh2
    debug1: userauth-request for user LOGINUSER service ssh-connection
    method password
    debug1: attempt 1 failures 1
    Accepted password for LOGINUSER from 10.11.12.13 port 4708 ssh2
    debug1: monitor_child_preauth: LOGINUSER has been authenticated by
    privileged process
    Accepted password for LOGINUSER from 10.11.12.13 port 4708 ssh2
    PAM: pam_open_session(): Can not make/remove entry for session
    debug1: Calling cleanup 0x4b878(0x0)
    debug1: Calling cleanup 0x3fcb4(0x0)
    debug1: PAM: cleanup
    debug1: Calling cleanup 0x3fcb4(0x0)
    debug1: PAM: cleanup

    /Andreas


  • Next message: Mac Schwarz: "Re: new openssh on openbsd 3.2"

    Relevant Pages

    • OpenSSH 3.5p1 port forwarding problem on Solaris 2.8
      ... I'm trying to use port forwarding to get a SqlNet connections back thru ... This gets a Connection refused. ... debug1: Rhosts Authentication disabled, ...
      (comp.security.ssh)
    • Re: OPENSSH 3.4p1-3 on AIX 4.3.3
      ... Teh debug output from the server is exactly the same, ... another port. ... reverse dns setup properly for that client? ... debug1: Server will not fork when running in debugging mode. ...
      (SSH)
    • SSH Port forwarding does not work
      ... I am attempting connect via remote desktop from my home computer ... attempting to ssh from the Vista computer to my home machine, and port ... debug1: Connection established. ... All remote forwarding requests processed ...
      (comp.security.ssh)
    • Re: OpenSSH and pam_radius_auth.so
      ... ::ffff:10.4.148.59 port 1195 ssh2 ... debug1: PAM: num PAM env strings 0 ...
      (comp.security.ssh)
    • ssh: acces denied (only from remote network)
      ... ListenAddress:: ... owl:/home/mitja# debug1: read PEM private key done: type RSA ... Bind to port 22 on 0.0.0.0. ... Server listening on 0.0.0.0 port 22. ...
      (comp.os.linux.networking)