[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: openssh + pam authentication failing +md5 (?!) HELP HELP HELP !

On Fri, May 03, 2002 at 11:10:01AM -0700, light storm wrote:

> First of all thanks for anytime you put in my problem, really
> appreciate all the help cause i just don't see it :(

> I'll paste here the additional information which might help solve this:

> (note: openssh was compiled with pam support and md5 support)

> sshd pam file for openssh in /etc/pam.d/

Have you checked your log files for anything that might tell you which
PAM module is failing and why?  pam_unix, at least, logs a fair amount
of information to the syslog 'auth' facility, and more information is 
available if you add the 'debug' flag to the module arguments

  auth	required	/lib/security/pam_unix.so debug

Your openssh debug output indicates that PAM is being invoked, and your 
PAM config file looks reasonable from what I can tell; so looking at 
logs would be the next step.

> #%PAM-1.0
> auth     required       /lib/security/pam_unix.so       # set_secrpc
> auth     required       /lib/security/pam_nologin.so
> auth     required       /lib/security/pam_env.so
> account  required       /lib/security/pam_unix.so

> password required       /lib/security/pam_pwcheck.so    md5

BTW, does pam_pwcheck.so really support this 'md5' argument?  As a quick
experiment, you might try removing it to see if that changes openssh's
behavior -- though the effect on the authentication process of a
misconfigured password module should really be minimal.

Steve Langasek
postmodern programmer

Attachment: pgp00002.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []