Suggestion: SSHD pseudo/fake mode. Source available.
Darren Tucker
dtucker at zip.com.au
Sun Feb 27 23:51:57 EST 2005
Daniel Kastenholz wrote:
> Hope this helps.
Thanks. It does, I think.
What can you tell me about the host? It doesn't happen to be a recent
Linux (with glibc-2.3.x), does it?
> Failed keyboard-interactive for illegal user root from ::ffff:127.0.0.1
> port 32772 ssh2
> Connection closed by ::ffff:127.0.0.1
> debug1: Calling cleanup 0x8066f50(0x0)
> debug1: PAM: cleanup
> debug1: Calling cleanup 0x80733b0(0x0)
I can reproduce it on my FC3 box. In my case, it appears to be because
getnameinfo() does some dlopen tricks which don't work in a chroot, and it
actually blows up deep inside glibc.
If this all applies to you, you can confirm this is the cause by doing:
# cp -a /lib /var/empty
(or wherever you configured the sshd privsep dir to be) and repeating the
test. This is not a good long-term solution, though.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list