Solaris 8 sshd seg fault with 4.2p1 & PAM
Darren Tucker
dtucker at zip.com.au
Wed Sep 28 15:03:12 EST 2005
John Devitofranceschi wrote:
> Can anyone reproduce this on a Solaris 8 system with 4.2p1:
>
> openssh is configured to use PAM and sshd_config has "UsePam" set to "yes"
>
> pam.conf has something like this:
>
> other auth required pam_get_authtok
You mean "pam_authtok_get.so.1"? The example in pam.conf has it listed
as "requisite", not sure if that matters.
> other auth sufficient pam_krb5.so.1 use_first_pass
> other auth required pam_unix.so.1 use_first_pass
>
> Now, If I log in via ssh as a user who has a Kerberos principal,
> everything works just fine. If a local account is used, sshd segfaults.
> If I remove the pam_krb5.so.1 reference auth line, the local user can
> successfully authenticate.
>
> I'll gather more debugging info if this is not already a known problem.
Not a known problem as far as I am aware. Please open a bug at
http://bugzilla.mindrot.org and attach a debug trace ("/path/to/sshd
-ddde").
The other thing you might like to try is this test rig:
http://www.zip.com.au/~dtucker/patches/index.html#pamtest
# gcc pam-test-harness.c -o pam-test-harness -lpam
# ./pam-test-harness -s sshd -u youruser
This will help determine if the problem lies in sshd or the pam module.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list