
need a hand debugging ssh logins...



I'm having trouble getting ssh logins to work on my test machine (debian
testing)...

I'm using OpenSSH_3.4p1 Debian 1:3.4p1-4 and 

        #Privilege Separation is turned on for security
        UsePrivilegeSeparation yes
        
        # ...but breaks Pam auth via kbdint, so we have to turn it off
        # Use PAM authentication via keyboard-interactive so PAM modules can
        # properly interface with the user (off due to PrivSep)
        PAMAuthenticationViaKbdInt no
        
in sshd_config (so pam should work...)
I've messed around with those options to no avail.

My system authenticates with an ldap server using libnss_ldap and 
I'm using pam_unix (instead of pam_ldap) to take advantage of nscd.

I'm fairly sure that nss_ldap is working properly because getent passwd
gets my ldap accounts.

I think pam is configured properly because local logins and other pam
apps work fine.

When I use a normal pam.d/ssh file (auth required pam_unix.so audit)
I just get this (not much help there...)

Mar 20 11:11:40 myhostname sshd[2945]: debug1: Starting up PAM with username "bwlang"
Mar 20 11:11:40 myhostname sshd[2945]: debug1: PAM setting rhost to "clienthostname"
Mar 20 11:11:40 myhostname sshd[2945]: Failed none for bwlang from 132.177.44.141 port 1566 ssh2

and the connection is closed 

If I change the pam.d/ssh file to pam_permit instead of pam_unix I
get a little further in auth log.

Mar 20 10:48:19 myhostname sshd[2810]: debug1: Forked child 2824.
Mar 20 10:48:19 myhostname sshd[2824]: Connection from 132.177.44.141 port 1565
Mar 20 10:48:19 myhostname sshd[2824]: debug1: Client protocol version 2.0; client software version OpenSSH_3.4p1 Debian 1:3.4p1-1
Mar 20 10:48:19 myhostname sshd[2824]: debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-1 pat OpenSSH*
Mar 20 10:48:19 myhostname sshd[2824]: Enabling compatibility mode for protocol 2.0
Mar 20 10:48:19 myhostname sshd[2824]: debug1: Local version string SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-4
Mar 20 10:48:21 myhostname sshd[2824]: debug1: Starting up PAM with username "bwlang"
Mar 20 10:48:21 myhostname sshd[2824]: debug1: PAM setting rhost to "clienthostname"
Mar 20 10:48:21 myhostname sshd[2824]: Failed none for bwlang from 132.177.44.141 port 1565 ssh2
Mar 20 10:48:23 myhostname sshd[2824]: debug1: PAM Password authentication accepted for user "bwlang"
Mar 20 10:48:23 myhostname sshd[2824]: Accepted password for bwlang from 132.177.44.141 port 1565 ssh2
Mar 20 10:48:23 myhostname sshd[2824]: debug1: monitor_child_preauth: bwlang has been authenticated by privileged process
Mar 20 10:48:23 myhostname sshd[2824]: debug1: Calling cleanup 0x8052b48(0x0)
Mar 20 10:48:23 myhostname sshd[2824]: debug1: Calling cleanup 0x806be4c(0x0)

but the connection gets dropped just the same.

I've tried running both the client and the ssh server in higher debug
modes and didn't see anything illuminating.  The audit option in
pam.d/ssh doesn't appear to put anything into my auth.log file (though
if I change it to "foo" I see a message saying that foo is an invalid
option so I know that the log messages do go to auth.log)

I have no idea what's going on here...
maybe somebody can suggest a new avenue to investigate?

thanks!

brad
-- 
Bradley W. Langhorst <brad@langhorst.com>
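
A triage helper for auth.log excerpts like the two in this post, as an added example that is not part of the original message: it groups sshd lines by PID and separates sessions that logged only the client's initial "none" method probe from sessions that were accepted and then torn down within seconds. The regexes, verdict names, the two-second window and the sample lines are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the shape of the post's auth.log excerpts (wrapped
# lines joined; client address replaced with a documentation address).
SAMPLE = """\
Mar 20 11:11:40 myhostname sshd[2945]: debug1: Starting up PAM with username "bwlang"
Mar 20 11:11:40 myhostname sshd[2945]: Failed none for bwlang from 192.0.2.10 port 1566 ssh2
Mar 20 10:48:21 myhostname sshd[2824]: Failed none for bwlang from 192.0.2.10 port 1565 ssh2
Mar 20 10:48:23 myhostname sshd[2824]: Accepted password for bwlang from 192.0.2.10 port 1565 ssh2
Mar 20 10:48:23 myhostname sshd[2824]: debug1: Calling cleanup 0x8052b48(0x0)
"""

LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[(\d+)\]: (?:debug\d: )?(.*)$")
ATTEMPT = re.compile(r"^(Failed|Accepted) (\S+) for (?:invalid user )?\S+ from ")

def triage(log_text, drop_window=2):
    """Return {pid: verdict} for each sshd process seen in log_text."""
    events = defaultdict(list)  # pid -> [(timestamp, message)]
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if m:
            # Syslog lines carry no year; 2000 is an arbitrary placeholder.
            ts = datetime.strptime("2000 " + m.group(1), "%Y %b %d %H:%M:%S")
            events[int(m.group(2))].append((ts, m.group(3)))
    verdicts = {}
    for pid, evs in events.items():
        tries = [(ts, a.group(1), a.group(2))
                 for ts, msg in evs if (a := ATTEMPT.match(msg))]
        accepted = [ts for ts, result, _ in tries if result == "Accepted"]
        cleanups = [ts for ts, msg in evs if msg.startswith("Calling cleanup")]
        if accepted:
            # Heuristic (assumption): cleanup within drop_window seconds of
            # the accept means the session died right after authentication.
            quick = any(0 <= (c - accepted[0]).total_seconds() <= drop_window
                        for c in cleanups)
            verdicts[pid] = "post-auth-drop" if quick else "accepted"
        elif any(method != "none" for _, _, method in tries):
            verdicts[pid] = "auth-failed"
        else:
            # Only the client's initial "none" probe (or nothing) was logged.
            verdicts[pid] = "no-credential-attempt"
    return verdicts

if __name__ == "__main__":
    for pid, verdict in sorted(triage(SAMPLE).items()):
        print(pid, verdict)
```

A "post-auth-drop" verdict points the investigation at what runs after authentication, while "no-credential-attempt" means the process ended before any password or key attempt reached the log.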


