I noticed that the latest version of ssh in potato introduced PAM
support and totally screwed up ssh for me. It created an
/etc/pam.d/ssh file with the following contents:
#%PAM-1.0
auth required pam_pwdb.so shadow
auth required pam_nologin.so
account required pam_pwdb.so
password required pam_cracklib.so
password required pam_pwdb.so shadow nullok use_authtok
session required pam_pwdb.so
I can no longer ssh into the machine. When I comment out the first
three lines (the 2 auth and account entries), ssh works once again.
When it doesn't work, the following gets written into
/var/log/auth.log:
Apr 23 15:30:15 chinook PAM_pwdb[27754]: check pass; user unknown
Apr 23 15:30:18 chinook PAM_pwdb[27754]: check pass; user unknown
I'm using NIS, so I'm not sure if pam_pwdb supports it. If so, does
anyone know how to configure it?
Thanks,
Max
--
The hopeful depend on a world without end
Whatever the hopeless may say
Neil Peart, 1985
Attachment:
pgpNoViOnbp2v.pgp
Description: PGP signature