openssh-2.1.1p2 problem and fix
Damien Miller
djm at mindrot.org
Sun Jul 2 08:48:12 EST 2000
On Sat, 1 Jul 2000, Darren Evans wrote:
>
> Hi all,
>
> trawled through the archives and did'nt find what I was looking for
> so here goes.
>
> This may be common knowledge or may not for the developers here ...
> maybe it will save someone some time anyhow.
>
> I'm running Redhat 6.2, **2.4.0-test1 kernel**,
> openssh-2.1.1p2.tar.gz, openssl-0.9.5a.tar.gz, with these options.
>
> sh configure --with-tcp-wrappers --with-md5-passwords
> --with-ipv4-default --with-pam
Can you send the output of a configure run?
> ident /usr/local/sbin/sshd | grep -i pam
>
> Does not find pam.
I suspect that some brokenness in the new kernel headers is breaking
the test for PAM. You might want to trawl through config.log for
more detailed error messages.
> The error I receive is a,
>
> Permission denied, please try again even though my password **IS**
> correct.
As a temporary workaround you might want to set --with-md5-passwords
> When I do this, and strace sshd -d I get this from strace
> ssh -v -l darren horseplay
> read(3, "root:$1$1xxxxxxxxxxxxxxxxxxxxxxx"..., 4096) = 757
> I may be wrong, but it does say read(4, "root: ...." so is it not
> reading my username in the shadow file.
If you username is in the first 4096 bytes of the password file
it is getting it OK.
> I've also had odd problems with openssh-2.1.1p1.tar.gz on FreeBSD
> 3.5-STABLE, maybe i'll go into that one another day as my memory is
> hazy at the moment.
The FreeBSD developers maintain their own port of OpenSSH - I have
no idea whether it is based on our work or not.
Thanks,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
More information about the openssh-unix-dev
mailing list