Re: Public key Authentication broken under HP-UX?
From: Ted Pardike (tpardike_at_utah.gov)
Date: Wed, 24 Sep 2003 15:42:43 -0600 To: <email@example.com>
I have had problems with previous releases not automatically
configuring with the defaults. So, I use the following to configure:
CCOPTS="-I /opt/sys_utils/include -L /opt/sys_utils/lib"
CFLAGS="+O3 +ESlit +Optrs_strongly_typed"
./configure --prefix=/opt/openssh \
So, "--with-pam" was specified.
I saw the thread "SSHD 3.7.1p2 on HP-UX" on the openssh-unix-dev list.
Security issues aside, is it safe to presume that I should stay with
3.6.1p1 until the HP-UX (Trusted) issues get worked out?
Also, is it the PAM/HP-UX issues that are preventing public key
authentication above 3.6.1p1?
>>> Darren Tucker <firstname.lastname@example.org> 9/24/2003 3:00:51 PM >>>
Ted Pardike wrote:
> Thank-you for the reply.
> By the way, I tried 3.7.1p2 yesterday, and things are just getting
> worse (I think it may be a PAM issue).
> Messages found in syslog:
> sshd: User tpardike not allowed because account is locked
> sshd: input_userauth_request: illegal user tpardike
As it says in the release notes, UsePAM now defaults to "no", you
need to put "UsePAM yes" into your sshd_config. Unfortunately, there
problem with non-PAM authentication on Trusted Mode HP-UX, see:
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.