[Bug 2340] Openssh issue: unable to ssh the solaris server from ldap users

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jan 27 22:34:35 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2340

--- Comment #8 from Darren Tucker <dtucker at zip.com.au> ---
Short answer as a workaround: put "ChallengeResponseAuthentication no"
and "KbdInteractiveAuthentication no" into sshd_config and restart
sshd.

Longer answer:
There's two different methods of password-type authentication:
PasswordAuthentication (the simplest) and keyboard-interactive (which
is more complicated but more capable).  Your debug logs show password
works but keyboard-interactive doesn't.

> 3.if you can run the server in debug mode at the same time --- was able to login

now this is a bit odd: your keyboard-interactive works when the server
is running in debug mode.  Unfortunately this makes it hard to figure
out what's going on.  My guess is that something in the PAM stack is
trying to use stdin or stdout (which, if true, is a bug in a PAM
module).

Please try redirecting the sshd stdin and stdout then try logging in:

/path/to/sshd -p [someport] -De -oLogLevel=debug3 </dev/null >/dev/null
>logfile

ssh -vvv -o preferredauthentications=keyboard-interactive -p [someport]
yourserver

and attach both logs to this bug.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list