Portable OpenSSH Solaris UseLogin Issue

Jonathan Fortin jfortin at revelex.com
Mon Dec 18 09:23:05 EST 2000



Greetings,


In order to use solaris's BSM (Basic security module) also called c2 audit,
which logs specific kernel calls depending on your audit_control,
I would need to use login(1) to log users exec calls and whatnot because
Portable OpenSSH does not have <bsm/audit.h> support, now that would mean I
would have to enable Uselogin in sshd_config in order for that to work.

I am running openssh's latest portable version on Solaris 7 core install
with latest patches.

When I enabled Uselogin, and I ssh with debug mode on, I get the following:

Environment:
  TZ=US/Eastern
  SSH_CLIENT=x.x.x.x 34951 22
  SSH_TTY=/dev/pts/3
  TERM=vt100
No utmpx entry. You must exec "login" from the lowest level "shell".
Connection to x.x.x.x closed.

Here's my debug output from sshd:

Connection from x.x.x.x port 34949
debug: Client protocol version 1.5; client software version x.x.x
debug: Local version string SSH-1.5-x.x.x
debug: Sent 1152 bit public key and 1024 bit host key.
debug: Encryption type: 3des
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
debug: Attempting authentication for xxxxxx.
Accepted password for xxxxx from x.x.x.x port 34949
debug: session_new: init
debug: session_new: session 0
debug: Allocating pty.
debug: Entering interactive session.
debug: fd 3 setting O_NONBLOCK
debug: server_init_dispatch_13
debug: server_init_dispatch_15
debug: tvp!=NULL kid 0 mili 10
debug: Received SIGCHLD.
debug: tvp!=NULL kid 1 mili 10
debug: tvp!=NULL kid 1 mili 10
debug: tvp!=NULL kid 1 mili 100
debug: End of interactive session; stdin 0, stdout (read 171, sent 171),
stderr 0 bytes.
debug: Command exited with status 1.
debug: Received exit confirmation.
debug: session_pty_cleanup: session 0 release /dev/pts/3
Closing connection to 10.10.1.31


I also tryed giving mode 777 to both sshd and login and it did not work to
see if that would make a difference.
Telnetting in works so I don't see a problem with login(1) or utmp[x]. Could
it be a broken implementation of Uselogin in Solaris?


Any help is appreciated..

Sincerely,

Jonathan



















More information about the openssh-unix-dev mailing list