Solaris/PAM/AFS: can't make it work

David R. Steiner david.r.steiner at Dartmouth.EDU
Fri May 28 05:49:22 EST 2004 

Greetings,

I know this has been discussed (pretty much since 3.7.1) and I have 
been going through the archives trying to  make sense of it but I am 
still having problems getting 3.8.1p1 to work with PAM and AFS on 
Solaris 8.

The problem (for those who may have missed it):

When I try and log in as an AFS user to a Solaris 8 box running 
3.8.1p1, I can authenticate to the machine but do not get a token (on 
one box, I was getting someone else's token =8-O ).

Here is what I have done so far:

- I tried forcing USE_POSIX_THREADS when building as described in 
http://bugzilla.mindrot.org/show_bug.cgi?id=688 . My understanding of 
how to do this was to set CFLAGS=-DUSE_POSIX_THREADS when configuring 
and I added -lpthreads to the LIBS in the Makefile. (Correct?)

When I tried this, I was prompted for a password but when I entered 
it the server closed the connection. The debug output from the server 
(from the point of the password prompt) was:


Postponed keyboard-interactive for dsteiner from 129.170.18.58 port 45683 ssh2
debug3: mm_sshpam_respond
debug3: mm_request_send entering: type 52
debug3: mm_sshpam_respond: waiting for MONITOR_ANS_PAM_RESPOND
debug3: mm_request_receive_expect entering: type 53
debug3: mm_request_receive entering
debug3: monitor_read: checking request 52
debug3: mm_answer_pam_respond
debug2: PAM: sshpam_respond entering, 1 responses
debug3: ssh_msg_send: type 6
debug3: mm_request_send entering: type 53
debug3: mm_request_receive entering
debug3: mm_sshpam_respond: pam_respond returned 1
debug3: mm_sshpam_query
debug3: mm_request_send entering: type 50
debug3: mm_sshpam_query: waiting for MONITOR_ANS_PAM_QUERY
debug3: mm_request_receive_expect entering: type 51
debug3: mm_request_receive entering
debug3: monitor_read: checking request 50
debug3: mm_answer_pam_query
debug3: PAM: sshpam_query entering
debug3: ssh_msg_recv entering
debug3: PAM: do_pam_account pam_acct_mgmt = 0
debug3: ssh_msg_send: type 0
debug3: PAM: import_environments entering
buffer_get: trying to get more bytes 4 than in buffer 0
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

- I tried applying the patches that Christian Pfaffel posted. But 
they did not produce any different results than the unpatched 
version. It did not matter whether the UsePAMSetCred option was set 
to yes or no.

My configuration looks like this:

./configure --prefix=/usr/ssh  --with-pam 
--with-tcp-wrappers=/usr/local --sysconfdir=/etc/ssh 
--with-pid-dir=/var/run --with-ipv4-default 
--with-default-path=/usr/bin:/bin:/usr/sbin:/sbin:/usr/afsws/bin:/usr/ssh/bin:/usr/local/bin

I would greatly appreciate hearing if anyone has any other 
suggestions or can see something I have done wrong.

TIA

-David-
-- 
David R. Steiner                               david.r.steiner at dartmouth.edu
UNIX System Manager                            Phone:  603.646.3127
Dartmouth College                              Fax:     603.646.1041

More information about the openssh-unix-dev mailing list