Bug#317241: SSH claims to be sshd to PAM, but ships /etc/pam.d/sshd
On Thu, Jul 07, 2005 at 03:07:10PM +1000, Paul TBBle Hampson wrote:
> The problem here is:
> Jul 6 18:58:39 helium PAM-warn[28455]: function=[pam_sm_acct_mgmt] service=[sshd] terminal=[ssh] user=[portfwd] ruser=[<unknown>] rhost=[161.80.249.101]
>
> openssh-server ships /etc/pam.d/ssh, but this above line indicates it is
> looking for /etc/pam.d/sshd, and then fall back to /etc/pam.d/other. I presume
> the submitter has changed /etc/pam.d/other to reject user logins, while in the
> default case this change will simply cause things like pam_env, pam_motd,
> pam_limits and pam_mail to be not-processed.
>
> (I believe this change also caused 317088, but cannot be certain from the
> report itself.)
Thanks for that. I don't understand how this could possibly have
happened, though; I certainly didn't touch anything related to PAM in
1:4.1p1-5, and the build log looks perfectly fine. I've also just
upgraded some other machines to 1:4.1p1-5 and they're working fine too.
You're certain it was working fine with 1:4.1p1-4?
I might "fix" this by fixing #255870/#261363, but I would really like to
understand the real problem first.
Could I get an 'strace -f -s 1024' of the server while you try to
connect to it? Feel free to send it to me privately and/or audit it to
remove any sensitive data like host keys and shadow password data first.
Richard A Nelson wrote:
> By the way, why does the client package depend upon the server (and at
> the same level)? Seems rather pointless, doesn't it ?
It doesn't. openssh-server depends on openssh-client, not the other way
round. See the changelog for openssh 1:3.8.1p1-9. (I'm not sure what
"and at the same level" means, though?)
Cheers,
--
Colin Watson [cjwatson@debian.org]
Reply to: