pam problem in openssh-3.7.1p2

Ben Lindstrom mouring at etoh.eviladmin.org
Sun Oct 5 05:23:25 EST 2003 

Set 'UsePAM yes' in your sshd_config. The default is now 'UsePAM no'.

- Ben

On Sat, 4 Oct 2003, alex wrote:

> ok, here the log
> +root at alex ~/ssh+ ls -al
> total 1604
> drwxr-xr-x   2 root  wheel     512 Oct  4 17:03 .
> drwxr-xr-x  16 root  wheel    1024 Oct  4 17:02 ..
> -rw-------   1 root  wheel  791161 Sep 22 15:06 openssh-3.7.1p1.tar.gz
> -rw-------   1 root  wheel  792280 Sep 25 15:00 openssh-3.7.1p2.tar.gz
> +root at alex ~/ssh+ tar xzf openssh-3.7.1p2.tar.gz
> +root at alex ~/ssh+ cd openssh-3.7.1p2
> +root at alex ~/ssh/openssh-3.7.1p2+ ./configure --prefix=/usr
> --sysconfdir=/etc/ssh --with-pam | grep PAM
> configure: WARNING: Make sure the path to scp is in /etc/login.conf
>                        PAM support: yes
> PAM is enabled. You may need to install a PAM control file
> Example PAM control files can be found in the contrib/
> +root at alex ~/ssh/openssh-3.7.1p2+ make > /dev/null
> uuencode.c: In function `uuencode':
> uuencode.c:35: warning: implicit declaration of function `__b64_ntop'
> uuencode.c: In function `uudecode':
> uuencode.c:53: warning: implicit declaration of function `__b64_pton'
> session.c: In function `do_setup_env':
> session.c:975: warning: unused variable `path'
> auth-pam.c:56:1: warning: "__unused" redefined
> In file included from /usr/include/stdio.h:43,
>                  from includes.h:24,
>                  from auth-pam.c:33:
> /usr/include/sys/cdefs.h:139:1: warning: this is the location of the previous
> definition
> +root at alex ~/ssh/openssh-3.7.1p2+ killall sshd
> +root at alex ~/ssh/openssh-3.7.1p2+ ./sshd -Ddddddddddddd
> ... bla bla bla ... in another terminal: ssh 127.0.0.1
> debug1: auth2_challenge_start: trying authentication method 'pam'
> debug3: mm_sshpam_init_ctx
> debug3: mm_request_send entering: type 46
> debug3: monitor_read: checking request 46
> debug3: mm_answer_pam_init_ctx
> debug3: mm_request_send entering: type 47
> debug3: mm_request_receive entering
> debug3: mm_sshpam_init_ctx: waiting for MONITOR_ANS_PAM_INIT_CTX
> debug3: mm_request_receive_expect entering: type 47
> debug3: mm_request_receive entering
> debug3: mm_sshpam_init_ctx: pam_init_ctx failed
> Failed keyboard-interactive for root from 127.0.0.1 port 50684 ssh2
> ...
> so pam don't work
> but !!!
> do absolutily the same with openssh-3.7.1p1 and it work wonderfull,
> why ?
> +root at alex ~+ uname -a
> FreeBSD alex.3fn.net 5.1-RELEASE FreeBSD 5.1-RELEASE #0: Wed Sep 17 22:20:52
> EEST 2003     root at alex.ukr.net:/usr/src/sys/i386/compile/TEST  i386
>
> use same config & pam.d/sshd with both test openssh-3.7.1p1 & openssh-3.7.1p2
> +root at alex ~/ssh/openssh-3.7.1p2+ grep Chall /etc/ssh/sshd_config
> ChallengeResponseAuthentication yes
> +root at alex ~+ cat /etc/pam.d/sshd
> ...
> # $FreeBSD: src/etc/pam.d/sshd,v 1.15 2003/04/30 21:57:54 markm Exp $
> ...
>
> whe need pam, pls help
> best regards
> Alex
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>

More information about the openssh-unix-dev mailing list