<DIV>Thanks for Michael Chang !<BR>But the problem is not resovled. :(</DIV>  <DIV><BR>There are 3 problems: telnet, passwd and ssh<BR></DIV>  <DIV>1. telnet problem</DIV>  <DIV>/usr/local/srp/bin/telnet 127.0.0.1<BR>Trying 127.0.0.1...<BR>Connected to GATE (127.0.0.1).<BR>Escape character is '^]'.<BR>[ Negotiating SSL/TLS session ... ]<BR>[ Cipher: ADH-AES256-SHA (256 bits) ]<BR>[ Attempting to verify TLS session parameters... ]<BR>[ Trying SRP ... ]<BR>SRP Username (root): slls<BR>[ SRP refuses authentication for 'slls' (Password not set) ]<BR>WARNING: unable to verify TLS session parameters.  Continue? (Y/N)<BR>Connection closed.<BR>[root@GATE pam.d]# /usr/local/srp/bin/telnet 127.0.0.1<BR>Trying 127.0.0.1...<BR>Connected to GATE (127.0.0.1).<BR>Escape character is '^]'.<BR>[ Negotiating SSL/TLS session ... ]<BR>[ Cipher: ADH-AES256-SHA (256 bits) ]<BR>[ Attempting to verify TLS session parameters... ]<BR>[ Trying SRP ... ]<BR>SRP Username (root): slls<BR>[ SRP refus!
es
 authentication for 'slls' (Password not set) ]<BR>WARNING: unable to verify TLS session parameters.  Continue? (Y/N) y<BR>telnetd: Authorization failed.<BR>Connection closed by foreign host.</DIV>  <DIV>2. passwd problem</DIV>  <DIV>passwd root<BR>Changing password for user root.<BR>passwd: Authentication token manipulation error<BR>passwd slls<BR>Changing password for user slls.<BR>passwd: Authentication token manipulation error</DIV>  <DIV>/usr/local/srp/bin/passwd root<BR>passwd: Authentication token manipulation error<BR>/usr/local/srp/bin/passwd slls<BR>passwd: Authentication token manipulation error</DIV>  <DIV>If I replace "password required /lib/security/pam_eps_passwd.so" with "password sufficient /lib/security/pam_eps_passwd.so" in /etc/pam.d/system-auth, the command passwd is OK!<BR>/usr/local/srp/bin/passwd root<BR>New UNIX password:<BR>Retype new UNIX password:<BR>Password changed<BR>Password changed<BR>/usr/local/srp/bin/passwd slls<BR>New UNIX password:<!
BR>Retype
 new UNIX password:<BR>Password changed<BR>Password changed</DIV>  <DIV>3.ssh problem<BR>If I replace "auth sufficient /lib/security/pam_eps_auth.so" with "auth required /lib/security/pam_eps_auth.so" in /etc/pam.d/system-auth, I can't login from putty on windows.<BR>login as: slls<BR><A href="mailto:slls@GATE's">slls@GATE's</A> password:<BR>Access denied</DIV>  <DIV><BR>the fllowing is the details of 12 config files:  (the addition is between two "############" lines )</DIV>  <DIV>1.  vi /etc/pam.d/system-auth<BR>#%PAM-1.0<BR># This file is auto-generated.<BR># User changes will be destroyed the next time authconfig is run.<BR>auth        required      /lib/security/$ISA/pam_env.so<BR>auth        required    /lib/security/$ISA/pam_unix.so likeauth nullok<BR>#######################<BR>auth        sufficient  &nbs!
p;
 /lib/security/pam_eps_auth.so<BR>#auth       required      /lib/security/pam_eps_auth.so<BR>#######################<BR>auth        required      /lib/security/$ISA/pam_deny.so</DIV>  <DIV>account     required      /lib/security/$ISA/pam_unix.so<BR>account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet<BR>account     required      /lib/security/$ISA/pam_permit.so</DIV>  <DIV>password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3<BR>password    required      /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow<BR>#######################<BR>password    required     
 /lib/security/pam_eps_passwd.so<BR>#password    sufficient    /lib/security/pam_eps_passwd.so<BR>#######################<BR>password    required      /lib/security/$ISA/pam_deny.so</DIV>  <DIV>session     required      /lib/security/$ISA/pam_limits.so<BR>session     required      /lib/security/$ISA/pam_unix.so</DIV>  <DIV>2. vi /etc/pam.d/passwd<BR>#%PAM-1.0<BR>auth       required     pam_stack.so service=system-auth<BR>account    required     pam_stack.so service=system-auth<BR>password   required     pam_stack.so service=system-auth<BR>#####################<BR>password  required  /lib/security/pam_eps_passwd.so<BR>#####################</DIV>  <DIV>3. vi
 /etc/pam.d/login<BR>#%PAM-1.0<BR>auth       required     pam_securetty.so<BR>#########################<BR>auth       required     /lib/security/pam_eps_auth.so<BR>#########################<BR>auth       required     pam_stack.so service=system-auth<BR>auth       required     pam_nologin.so<BR>account    required     pam_stack.so service=system-auth<BR>password   required     pam_stack.so service=system-auth<BR>########################<BR>password    required      /lib/security/pam_eps_passwd.so<BR>#######################<BR># pam_selinux.so close should be the first session rule<BR>session    required     pam_selinux.so
 close<BR>session    required     pam_stack.so service=system-auth<BR>session    required     pam_loginuid.so<BR>session    optional     pam_console.so<BR># pam_selinux.so open should be the last session rule<BR>session    required     pam_selinux.so multiple open</DIV>  <DIV>4. vi /etc/pam.d/telnet (made by myself)<BR>auth required /lib/security/pam_unix.so<BR>auth       required     pam_stack.so service=system-auth<BR>auth       required     /lib/security/pam_eps_auth.so<BR>account    required     pam_stack.so service=system-auth<BR>passwd       required   /lib/security/pam_unix.so nullok use_authtok md5 shadow<BR>passwd      
 required   /lib/security/pam_eps_passwd.so<BR>session    required     pam_stack.so service=system-auth</DIV>  <DIV>5.  vi /etc/pam.d/sshd<BR>#%PAM-1.0<BR>auth       required     pam_stack.so service=system-auth<BR>################<BR>auth       required     /lib/security/pam_eps_auth.so<BR>################<BR>auth       required     pam_nologin.so<BR>account    required     pam_stack.so service=system-auth<BR>password   required     pam_stack.so service=system-auth<BR>################<BR>password    required      /lib/security/pam_eps_passwd.so<BR>################<BR>session    required     pam_stack.so
 service=system-auth<BR>session    required     pam_loginuid.so</DIV>  <DIV>The following is some informations of passwd . I think that it's enough :)</DIV>  <DIV>6. vi /etc/tpasswd.conf<BR>1:BeSXzvfTmxCDCkezFu0nATmpRZ7f2Owzq6go.FN/yxc0d6meIMcECy.noWZIdAlddq9NRPQM2KBsJadV3bovReMy4tsVfMBVQmDiLySA3Simn5qrDra20Tc681FDYVdWobC2bsmJQoq9qp3yd1lJZdr/lN4xdanvctOxyCWJA6N:5</DIV>  <DIV>7. vi /etc/tpasswd<BR>root:84/Rzyr1DgpRBfmSVTR494fw112Eo6tMc9Hxb9xPDK.owql.YzmcqUsoMUxXKI8nywwyy9AQa//a9hoktE.vECdR933Myb4OSp0DH9Wou7VW2ZJMt.wru4WW2qyi0Ra5C10pL2PVUuFldXms.bdUW26QO37YTnEWjCFNaZHUl1/:KU3RJ6bzeRwQk:1<BR>slls:9E.6uofYjFf32X6I5Ko.6zS2q2SVwSULRo46DkFcPW28ZYNy9m5KEvfPw6m8kHwivU8GtsJYlDoNenFeu3DOl1MO68OQjb8A9Ks5I4j39zA03a6YYpGTIUUnP3xTUb5h1giMOErY05rXQbTCISVJaBKOlz7iLorvTYYfMZjuaFA:212vUN4k1CRD1n:1</DIV>  <DIV>8. vi /etc/passwd <BR>root:x:0:0:root:/root:/bin/bash<BR>slls:x:500:500::/home/slls:/bin/bash</DIV>  <DIV>9. vi
 /etc/shadow<BR>root:$1$hXd4s8QX$F3S0e0jpyCv96xvflCldi0:13118:0:99999:7:::<BR>slls:$1$ch/mXiOt$QaNucFtjt3v2uToCoNMYd/:13118:0:99999:7:::</DIV>  <DIV>10.  vi /etc/group<BR>root:x:0:root<BR>slls:x:500:</DIV>  <DIV>11.  vi /etc/gshadow<BR>root:!!::root<BR>slls:!::</DIV>  <DIV>12. vi /etc/securetty<BR>console<BR>vc/1<BR>vc/2<BR>vc/3<BR>vc/4<BR>vc/5<BR>vc/6<BR>vc/7<BR>vc/8<BR>vc/9<BR>vc/10<BR>vc/11<BR>tty1<BR>tty2<BR>tty3<BR>tty4<BR>tty5<BR>tty6<BR>tty7<BR>tty8<BR>tty9<BR>tty10<BR>tty11</DIV>  <DIV> </DIV>  <DIV> </DIV><p>
                <hr size=1><a href="http://cn.mail.yahoo.com" target=blank> 
ÑÅ»¢Ãâ·ÑGÓÊÏ䣭ÖйúµÚÒ»¾øÎÞÀ¬»øÓʼþɧÈų¬´óÓÊÏä</a><br> 
<a href="http://cn.zs.yahoo.com" target=blank>ÑÅ»¢ÖúÊÖ¡§DËÑË÷¡¢É±¶¾¡¢·ÀɧÈÅ</a>