Bug#317241: openssh-server: unable to login after upgrade to 4.1p1-5
Package: openssh-server
Version: 1:4.1p1-5
Severity: important
Apparently, I'm the only, if not one of the few who was just bitten
after an upgrade of openssh-server from 4.1p1-4 to 4.1.p1-5.
After the upgrade, no users can login to the box, and there is no
logging of errors.
running sshd by hand, I found it was declaring every user to be expired
by PAM - but not logging that fact to syslog or auth.log !
I reset a few passwords, and obtained the same results...
Downgrading the server to 4.1p1-4 allows login again.
By the way, why does the client package depend upon the server (and at
the same level)? Seems rather pointless, doesn't it ?
-- System Information:
Debian Release: testing/unstable
APT prefers testing-proposed-updates
APT policy: (500, 'testing-proposed-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages openssh-server depends on:
ii adduser 3.64 Add and remove users and groups
ii debconf [debconf-2.0] 1.4.51 Debian configuration management sy
ii dpkg 1.13.10 Package maintenance system for Deb
ii libc6 2.3.5-1 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libselinux1 1.24-1 SELinux shared libraries
ii libssl0.9.7 0.9.7g-1 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii openssh-client 1:4.1p1-4 Secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.2-6 compression library - runtime
openssh-server recommends no packages.
-- debconf information:
ssh/insecure_rshd:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/disable_cr_auth: false
* ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
Reply to: