Re: openSSH problems.

From: Bill Unruh (unruh@string.physics.ubc.ca)
Date: 01/03/03


From: unruh@string.physics.ubc.ca (Bill Unruh)
Date: 3 Jan 2003 18:28:09 GMT


"phunk" <phunk@speedywombat.com> writes:

]I'm using openSSH 3.5p1 which I got from www.sunfreeware.com. The system is
]a relatively fresh install of SOlaris 8 (sparc), and everything WAS working
]fine up until about a week ago. Unfortunately I haven't been able to find
]any changes which have been made to cause this problem.

]Here's the problem (ip's and user names, etc. have been removed):

]Everytime someone other then root (which hasn't been blocked for obvious
]reasons), tries to ssh in to a specific sever they get this:

]> ssh -l [user_name] [server]
][username]@[server]'s password:
]Connection to [server] closed by remote host.
]Connection to [server] closed

]This is what gets dumped to /var/adm/messages for each attempt:

]Jan 3 10:36:36 [server] sshd[972]: [ID 800047 auth.info] Accepted password
]for [username] from [ip_address] port 33654 ssh2
]Jan 3 10:36:36 [server] sshd[974]: [ID 800047 auth.crit] fatal:
]login_get_lastlog: Cannot find account for uid [uid]
]Jan 3 10:36:36 [server] sshd[974]: [ID 800047 auth.crit] fatal:
]login_get_lastlog: Cannot find account for uid [uid]
]Jan 3 10:36:36 [server] sshd[974]: [ID 800047 auth.crit] fatal:
]login_get_lastlog: Cannot find account for uid [uid]
]Jan 3 10:36:36 [server] sshd[974]: [ID 833576 auth.debug] pam_setcred:
]error Authentication failed

]I've tried 'googling' it, but only get two hits neither of which applies to
]the situation. Telnet works fine and as I said root can ssh in fine as well
]which causes me to believe that the passwd file is just peachy. I've
]regenerated my keys, ripped out openssh and reinstalled it.

]Has anyone actually ever seen this problem before? I need a solution, but
]if someone can even just point me in the right direction I would be a happy
]camper.

a) look at /etc/passwd. Make sure that there are no empty lines in or at
the end of /etc/passwd. Look at /etc/shadow. make sure of the same.
b) Assuming that is OK, the problem seems to be the routing
lotin_get_lastlog.
Look at /var/log/wtmp and /var/log/utmp. Do a
last|less
and see if it reports properly.

Since root does not have this problem it looks like a permissions
problem to me.



Relevant Pages

  • Re: 2 SSH questions: why does it pause so much, and, can I keep connection alive?
    ... >I believe the server is behind a firewall. ... When a packet arrives, its source IP, ... then the connection is added to the state table. ... > Iım running OpenSSH 3.6.1 on Mac OSX. ...
    (comp.security.ssh)
  • Re: Problems with SSHD
    ... I am having a big problem with the OpenSSH Daemon on my server. ... when the connection is always getting dropped. ... process I see this on disconnect ...
    (freebsd-questions)
  • Problems with SSHD
    ... I am having a big problem with the OpenSSH Daemon on my server. ... when the connection is always getting dropped. ... process I see this on disconnect ...
    (freebsd-questions)
  • RE: problems when opening an ssh session
    ... this is the sshd_config on the openssh 3.5p1 server (to where the connection ... >So I can open an ssh session with the 3.5p1 server but not with the ...
    (SSH)
  • OpenSSH Problem with disconnects
    ... I am having a big problem with the OpenSSH Daemon on my server. ... when the connection is always getting dropped. ... process I see this on disconnect ...
    (freebsd-questions)