OpenSSH_4.1p1 hangs on exit using PAM/ChallengeResponse
From: Dustin Hoff (dustin+ssh_at_dustinhoff.com)
Date: Mon, 1 Aug 2005 17:29:47 -0400 To: firstname.lastname@example.org
I am having some problems with 4.1p1 on Solaris 2.6-8 using the RSA
PAM module (v5.3.2) for SecurID authentication. The initial login
works fine, but the session hangs when I exit and it doesn't close
until I kill the sshd on the server or close it with ~.. And no,
I'm not running anything in the background.
I have the following in /etc/pam.conf:
sshd auth required pam_securid.so
And the following relevant options in sshd_config:
This doesn't seem to be a general PAM problem because I don't have
the problem if I configure sshd to use pam_unix_auth.so.1 instead
of pam_securid.so. It also works if I disable ChallengeResponseAuth
and enable PasswordAuth (though it still uses the SecurID and not
the UNIX password), but the ChallengeResponse mode is much more
useful because it asks for the PASSCODE or PASSWORD depending on
specific RSA settings.
I also tried 3.9p1 just for kicks, but it had the same behavior.
Is this one of the "known" problems that the FAQ alludes to? Or
am I missing something trivial?
Thanks for any suggestions.