Bug#314289: openssh-server: Missing or wrong PAM dependencies cause login denial
Package: openssh-server
Version: 1:4.3p2-8
Followup-For: Bug #314289
This is what we had installed:
ii libpam-modules 0.72-34
Pluggable Authentication Modules for PAM
ii libpam-runtime 0.76-15
Runtime support for the PAM library
ii libpam0g 0.76-7
Pluggable Authentication Modules library
Then we upgraded openssh-server to 4.3p2-8. Afterwards it refused all
connections. This is what turned up in auth.log
Jan 19 21:46:35 dora sshd[11322]: PAM unable to resolve symbol:
pam_sm_acct_mgmt
Jan 19 21:46:52 dora sshd[11322]: Failed password for agnes from
192.168.42.44 port 54009
After upgrading all pam packages to recent version the problem was gone.
-- System Information:
Debian Release: 3.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15.3
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Versions of packages openssh-server depends on:
ii adduser 3.59 Add and remove users and groups
ii debconf [debc 1.5.2 Debian configuration management sy
ii dpkg 1.13.22 package maintenance system for Deb
ii libc6 2.3.6-7 GNU C Library: Shared libraries
ii libcomerr2 1.34+1.35-WIP-2004.01.31-1 The Common Error Description libra
ii libkrb53 1.4.3-5 MIT Kerberos runtime libraries
ii libpam-module 0.79-4 Pluggable Authentication Modules f
ii libpam-runtim 0.79-4 Runtime support for the PAM librar
ii libpam0g 0.79-4 Pluggable Authentication Modules l
ii libselinux1 1.32-3 SELinux shared libraries
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii libwrap0 7.6-9 Wietse Venema's TCP wrappers libra
ii openssh-clien 1:4.3p2-8 Secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.1-5 compression library - runtime
openssh-server recommends no packages.
-- debconf information:
ssh/insecure_rshd:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/disable_cr_auth: false
ssh/encrypted_host_key_but_no_keygen:
Reply to: