Re: Every ssh login gives authentication failure log though connection work

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 01/09/04 

Date: Fri, 9 Jan 2004 04:49:40 +0000 (UTC)

dtucker@dodgy.net.au (Darren Tucker) writes:

]In article <btkptm$up8$1@string.physics.ubc.ca>,
]Bill Unruh <unruh@string.physics.ubc.ca> wrote:
]>Ever time I log onto my machine from another using ssh, whether by
]>automatic login (rsa login) or via password gives me a
]>Dec 31 04:06:01 string sshd(pam_unix)[2246]: authentication failure;
]>logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=wormhole user=able
]>
]>message in the log file, although the login succeeds (as it should)
]>
]>Any idea why these log messages would be appearing?

]http://www.openssh.com/faq.html#3.1

I have PermitEmptyPasswords no in my file already. So that is not it.
But it
does seems to be something to do with pam_unix authentication (in
pam.d/system_auth) (the line
auth sufficient /lib/security/pam_unix.so likeauth nullok
removes the error message. Of course it also removes my ability to log
into any account on the machine as well, so it was just as well I
already had a root login active.
But these messages are occuring when I log in whether using a password
or using RSA authentication.
It seems that sshd calls on pam to authenticate befor anything has
occured (ie not RDA/DSA tokens have been passed and no password has been
requested), maybe to see if there is user with a null password (ie it
requests pam authentication with no password and see if it fails or
succeeds.) This seems the only possibility consistant with the facts.
It is not clear why it does so if the PermitEmptyPasswords is no.

It is certainly a pain as my log files get innundated with these
messages, as I use an ssh with RSA authentication to perform periodic
tasks.

Relevant Pages

  • RE: ssh authentication with RSA SECURID
    ... I used to work for RSA and am now an independent consultant with some 10 ... SecurID integrations with SSH for US based customers. ... SFTP, without any authentication! ... Integrate the ACE/Agent APIs directly with the SSH source code. ...
    (SSH)
  • Re: Enabling telnet, ftp, pop3 for root...
    ... if you allow root login without ... Where did I say ANYTHING about not using authentication. ... If you dissallow direct root login, ... The ssh account is only used for remote login. ...
    (alt.os.linux)
  • OpenSSH_3.0.2p1 root cannot login with password
    ... Root can only ssh in with RSA, ... It almost seems as if it's thinking that "Password Authentication" is ... files or program output, but since I bet I'm just missing something, ...
    (comp.security.ssh)
  • sshd, pam and password expiration
    ... FreeBSD 4.3-RELEASE box. ... Upon login, the following message appears: ... /etc/pam.conf has the following lines relevant to ssh: ... Server responded "No further authentication methods available". ...
    (FreeBSD-Security)
  • Re: OpenSSH_3.0.2p1 root cannot login with password
    ... > I am able to ssh in to any normal account using RSA or password ... > Root can only ssh in with RSA, ... > It almost seems as if it's thinking that "Password Authentication" is ...
    (comp.security.ssh)