Solaris/PAM/AFS: can't make it work
David R. Steiner
david.r.steiner at Dartmouth.EDU
Fri May 28 05:49:22 EST 2004
Greetings,
I know this has been discussed (pretty much since 3.7.1) and I have
been going through the archives trying to make sense of it but I am
still having problems getting 3.8.1p1 to work with PAM and AFS on
Solaris 8.
The problem (for those who may have missed it):
When I try and log in as an AFS user to a Solaris 8 box running
3.8.1p1, I can authenticate to the machine but do not get a token (on
one box, I was getting someone else's token =8-O ).
Here is what I have done so far:
- I tried forcing USE_POSIX_THREADS when building as described in
http://bugzilla.mindrot.org/show_bug.cgi?id=688 . My understanding of
how to do this was to set CFLAGS=-DUSE_POSIX_THREADS when configuring
and I added -lpthreads to the LIBS in the Makefile. (Correct?)
When I tried this, I was prompted for a password but when I entered
it the server closed the connection. The debug output from the server
(from the point of the password prompt) was:
Postponed keyboard-interactive for dsteiner from 129.170.18.58 port 45683 ssh2
debug3: mm_sshpam_respond
debug3: mm_request_send entering: type 52
debug3: mm_sshpam_respond: waiting for MONITOR_ANS_PAM_RESPOND
debug3: mm_request_receive_expect entering: type 53
debug3: mm_request_receive entering
debug3: monitor_read: checking request 52
debug3: mm_answer_pam_respond
debug2: PAM: sshpam_respond entering, 1 responses
debug3: ssh_msg_send: type 6
debug3: mm_request_send entering: type 53
debug3: mm_request_receive entering
debug3: mm_sshpam_respond: pam_respond returned 1
debug3: mm_sshpam_query
debug3: mm_request_send entering: type 50
debug3: mm_sshpam_query: waiting for MONITOR_ANS_PAM_QUERY
debug3: mm_request_receive_expect entering: type 51
debug3: mm_request_receive entering
debug3: monitor_read: checking request 50
debug3: mm_answer_pam_query
debug3: PAM: sshpam_query entering
debug3: ssh_msg_recv entering
debug3: PAM: do_pam_account pam_acct_mgmt = 0
debug3: ssh_msg_send: type 0
debug3: PAM: import_environments entering
buffer_get: trying to get more bytes 4 than in buffer 0
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
- I tried applying the patches that Christian Pfaffel posted. But
they did not produce any different results than the unpatched
version. It did not matter whether the UsePAMSetCred option was set
to yes or no.
My configuration looks like this:
./configure --prefix=/usr/ssh --with-pam
--with-tcp-wrappers=/usr/local --sysconfdir=/etc/ssh
--with-pid-dir=/var/run --with-ipv4-default
--with-default-path=/usr/bin:/bin:/usr/sbin:/sbin:/usr/afsws/bin:/usr/ssh/bin:/usr/local/bin
I would greatly appreciate hearing if anyone has any other
suggestions or can see something I have done wrong.
TIA
-David-
--
David R. Steiner david.r.steiner at dartmouth.edu
UNIX System Manager Phone: 603.646.3127
Dartmouth College Fax: 603.646.1041
More information about the openssh-unix-dev
mailing list