PAM auth. and HP-UX

Stephan Hendl Stephan.Hendl at lds.brandenburg.de
Fri Nov 10 01:24:07 EST 2000


Hi,

just a few days ago I upgraded to openssh-2.3.0p1 on HP-UX 11.00, trusted system,  incl. the PAM-patch PHCO_22265 and I run into another problem. The situation is the following. I come from server inside a firewall and go through the firewall wia a ssh-plug-gateway to one host in our internet section and further do a second server in the internet section. All this including the ssh-agent mechanism. The command is like:

hendl at server > ssh -t host_a ssh -t firewall ssh -t host_b

This procedere works fine, but on the host firewall I am disabled after an couple of conncetions because of too many unseccesful logins. Unfortunately the lastb command says nothing and in fact I didn't login to that machine, I used it only as an gateway. The syslog.log tells:

sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52166
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52167
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52168
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52169
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52170
sshd [xxx] PAM rejected by account configuration[28]: Account is disabled - see Account Administrator


It looks for me that the PAM tries to authenticate via passwd but the authentication comes via the ssh-agent and therefore the account is disabled after three connections.

Any help appreciated!
regards

Stephan


--
LDS Brandenburg
Dr. Stephan Hendl
fon: +49-(0)331-39 471
fax: +49-(0)331-27548 1187
EMail: stephan.hendl at lds.brandenburg.de







More information about the openssh-unix-dev mailing list