OpenSSH >=7.0 and

Yemelyanenko Fyodor fyodor_e at
Mon Mar 19 17:44:57 AEDT 2018


I have custom linux image based on CentOS 6.3
Linux kernel is 3.10.72-72

I now upgrading OpenSSH from 3.8 version to latest possible. Primarily I'm interesting to upgrade SSHD
I've build openssh got from with following commands:
    ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/libexec/openssh --with-pam --with-privsep-path=/var/empty/sshd --without-kerberos

Build succeeded and able to deploy SSHD on my Linux.
SSHD successfully started.
If I use version <=6.9 I'm able to successfully login after upgrade (tried with 5.1, 6.5 and 6.9)
If I use version >=7.0 I'm not able to login and get following error in syslog (tried with 7.0, 7.5 and 7.6)

Mar 17 21:31:45 sshd[7961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost= user=admin

I also tried to upgrade to version found in LinuxPAM 1.3.

For me it seems to be some issue with SSHD version >=7.0
May be there were some change related to usage?

My /etc/pam.d/sshd file

auth       include      system-auth
account    include      system-auth
account    required
account    required
password   include      system-auth
session    optional force revoke
session    include      system-auth
session    required

and /etc/pam.d/system-auth file

auth        required
auth        sufficient nullok try_first_pass likeauth nodelay
auth        required

account     required

password    sufficient sha512 shadow nullok try_first_pass use_authtok
password    required

session     required
session     required

More information about the openssh-unix-dev mailing list