[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: openssh + pam authentication failing +md5 (?!) HELP HELP HELP !



On Mon, May 06, 2002 at 08:52:41AM -0700, light storm wrote:
> Hello Steve,all

> I added the debug option the password rule and the auth rule in the
> sshd pam file, but as far as i can see nothing was sent to the logs, i
> mean messages and warn logs, unless i should check some other log
> which i cannot see at the moment ??

You would need to check your /etc/syslog.conf to see where -- if
anywhere -- auth.* messages are currently being sent.  On my machine,
that's /var/log/auth and /var/log/debug.

> But i think i found the problem but if it is real then i still don't
> know what i can do:

> I changed the password of the user 'testuser' with some other tool
> which doesn't create md5 passwords. 

> Then i tried again ssh and now i can login, but 2 things i conclude
> now:  1. ssh lets me , i only need the first 8 chars to enter
>       2. it seems that when it's md5 encrypted then authentication
>          fails.

If using traditional crypt passwords, only the first 8 characters of the
password are encrypted.

> debug1: PAM Password authentication accepted for user "testuser"
> Accepted password for testuser from 192.168.200.30 port 33030 ssh2
> debug1: Entering interactive session for SSH2.

A couple possibilities I can think of:

The pam_unix module you're using doesn't support md5 passwords.

The password you had for testuser was not a valid md5 hash, causing
authentication to fail.

The testuser account was expired, and PAM was requiring a password
change, but the password change was failing.

To rule out the third possibility, I suggest setting a new md5 password
for testuser and trying to ssh in again.

Steve Langasek
postmodern programmer

Attachment: pgp00003.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []