PAM, sshd and RSA do not work together!

Roman maillists at gmx.ch
Tue Mar 23 09:33:55 UTC 2004


Hi there,

we are running a Suse 8.1 Linux file server and would like to connect to 
it through SSH via the public key mechanism (RSA) from our Windows2000 
clients.
Connecting to the Linux box with the user/password mechanism works just 
fine, but the public key mechanism fails.
What I have found so far (from syslog) is that sshd calls PAM, which 
accepts when verifying the password but denies with RSA.

I read the PAM manual page and still have not figured out what to change 
in /etc/pam.d/sshd to get it working.

Where do I get information on what the different libraries exactly do 
and do I need a special library to make SSH RSA work?
Can anyone provide a sample configuration for sshd that works for 
password and RSA login?

Here is the syslog ...

Mar 22 10:12:02 riale sshd[11288]: debug1: Forked child 11332.
Mar 22 10:12:02 riale sshd[11332]: Connection from ::ffff:192.168.252.71 
port 1288
Mar 22 10:12:02 riale sshd[11332]: debug1: Client protocol version 1.5; 
client software version PuTTY-Release-0.53
Mar 22 10:12:02 riale sshd[11332]: debug1: no match: PuTTY-Release-0.53
Mar 22 10:12:02 riale sshd[11332]: debug1: Local version string 
SSH-1.99-OpenSSH_3.4p1
Mar 22 10:12:02 riale sshd[11332]: debug2: Network child is on pid 11333
Mar 22 10:12:02 riale sshd[11332]: debug3: preauth child monitor started
Mar 22 10:12:02 riale sshd[11332]: debug3: mm_request_receive entering
Mar 22 10:12:02 riale sshd[11332]: debug3: monitor_read: checking request 36
Mar 22 10:12:02 riale sshd[11332]: debug3: mm_request_send entering: type 37
Mar 22 10:12:02 riale sshd[11332]: debug2: monitor_read: 36 used once, 
disabling now
Mar 22 10:12:02 riale sshd[11332]: debug3: mm_request_receive entering
Mar 22 10:12:02 riale sshd[11332]: debug3: monitor_read: checking request 38
Mar 22 10:12:02 riale sshd[11332]: debug3: mm_answer_sessid entering
Mar 22 10:12:02 riale sshd[11332]: debug2: monitor_read: 38 used once, 
disabling now
Mar 22 10:12:02 riale sshd[11332]: debug3: mm_request_receive entering
Mar 22 10:12:04 riale sshd[11332]: debug3: monitor_read: checking request 6
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_answer_pwnamallow
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_answer_pwnamallow: sending 
MONITOR_ANS_PWNAM: 1
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_request_send entering: type 7
Mar 22 10:12:04 riale sshd[11332]: debug2: monitor_read: 6 used once, 
disabling now
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_request_receive entering
Mar 22 10:12:04 riale sshd[11332]: debug3: monitor_read: checking request 45
Mar 22 10:12:04 riale sshd[11332]: debug1: Starting up PAM with username 
"moor"
Mar 22 10:12:04 riale sshd[11332]: debug3: Trying to reverse map address 
192.168.252.71.
Mar 22 10:12:04 riale sshd[11332]: Could not reverse map address 
192.168.252.71.
Mar 22 10:12:04 riale sshd[11332]: debug1: PAM setting rhost to 
"192.168.252.71"
Mar 22 10:12:04 riale sshd[11332]: debug2: monitor_read: 45 used once, 
disabling now
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_request_receive entering
Mar 22 10:12:04 riale sshd[11332]: debug3: monitor_read: checking request 10
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_answer_authpassword: 
sending result 0
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_request_send entering: type 11
Mar 22 10:12:04 riale sshd[11332]: Failed none for moor from 
::ffff:192.168.252.71 port 1288
Mar 22 10:12:04 riale sshd[11332]: debug3: mm_request_receive entering

and the sshd configuration file:

#%PAM-1.0
auth     required       pam_unix2.so    # set_secrpc
auth     required       pam_nologin.so
auth     required       pam_env.so
account  required       pam_unix2.so
account  required       pam_nologin.so
password required       pam_pwcheck.so
password required       pam_unix2.so    use_first_pass use_authtok
session  required       pam_unix2.so    none # trace or debug
session  required       pam_limits.so

I would appreciate some help.

Roman




