Re: OpenSSH 3.7.1p1 & PAM authentication on Solaris 8

From: Neil W Rickert (rickert+nn_at_cs.niu.edu)
Date: 01/25/04


Date: Sun, 25 Jan 2004 00:27:52 +0000 (UTC)

dtucker@dodgy.net.au (Darren Tucker) writes:
>Neil W Rickert <rickert+nn@cs.niu.edu> wrote:
>>dtucker@dodgy.net.au (Darren Tucker) writes:

>>>Alternatively, you could try the patch here:
>>>http://bugzilla.mindrot.org/show_bug.cgi?id=768

>>I would have tried that. However, I couldn't figure out how to get
>>to the patch from that bugzilla web page.

>I just double checked and there isn't actually a patch, they just defined
>POSIX_THREADS, (possibly with ./configure --with-cflags=-DPOSIX_THREADS).
>Sorry for the confusion.

I tried that ( -DUSE_POSIX_THREADS). It did not help at all.

It has the side effect of disabling keyboard interactive
authentication.

        ...
        debug1: Next authentication method: publickey
        debug1: Trying private key: /home/euclid/nwr/.ssh/identity
        debug1: Trying private key: /home/euclid/nwr/.ssh/id_rsa
        debug1: Trying private key: /home/euclid/nwr/.ssh/id_dsa
        debug1: Next authentication method: keyboard-interactive
        debug1: Authentications that can continue: publickey,keyboard-interactive,hostbased
        debug1: No more authentication methods to try.
        Permission denied (publickey,keyboard-interactive,hostbased).
        debug1: Calling cleanup 0x806c810(0x0)

To be able to login with a password at all, I had to turn password
authentication back on. But then it seems that nothing of PAM is
run. In particular, the credentials for secure_nfs are not
established.

I tested this with both 3.7.1p2 and the current snapshot.

I guess I can go back to openssh-3.6.1p2 (with the announced patches
applied). But that still leaves a problem in your current source
tree.