openssh 3.7.1p2 afs/pam issues
ERIC K. CHEU
ekcheu at uncg.edu
Fri Oct 3 23:14:23 EST 2003
This is what happens when I put only this in the /etc/pam.conf file:
sshd auth optional /usr/lib/security/pam_afs.krb.so.1 ignore_root
(mind you, this line works okay with AFS accounts on previous version of
openssh):
debug1: Allocating pty.
debug1: session_new: init
debug1: session_new: session 0
debug1: session_pty_req: session 0 alloc /dev/pts/0
debug1: server_input_channel_req: channel 0 request shell reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: PAM: setting PAM_TTY to "/dev/pts/0"
debug1: here 2
debug1: PAM: establishing credentials
PAM: pam_setcred(): Authentication failed
debug1: Calling cleanup 0x3a3dc(0x1279e4)
debug1: Calling cleanup 0x476d8(0x0)
debug1: session_by_tty: session 0 tty /dev/pts/0
debug1: channel 0: free: server-session, nchannels 1
debug1: session_pty_cleanup: session 0 release /dev/pts/0
debug1: Calling cleanup 0x4f5e0(0x0)
debug1: Calling cleanup 0x44404(0x0)
debug1: PAM: cleanup
debug1: Calling cleanup 0x44404(0x0)
debug1: PAM: cleanup
client:
AFS Password:
Connection to waterfall closed by remote host.
Connection to waterfall closed.
--------------
So credentials are not being set somehow (maybe an incompatable ticket or
something?). I put the line here 2 to see where it was failing. Looks
like the second instance where do_pam_setcred(1) is being called after the
tty is begin set (around line 528 of session.c).
More information about the openssh-unix-dev
mailing list