Package: openssh-server Version: 1:4.1p1-5 Severity: important Apparently, I'm the only, if not one of the few who was just bitten after an upgrade of openssh-server from 4.1p1-4 to 4.1.p1-5.
After the upgrade, no users can login to the box, and there is no logging of errors. running sshd by hand, I found it was declaring every user to be expired by PAM - but not logging that fact to syslog or auth.log ! I reset a few passwords, and obtained the same results... Downgrading the server to 4.1p1-4 allows login again. By the way, why does the client package depend upon the server (and at the same level)? Seems rather pointless, doesn't it ? -- System Information: Debian Release: testing/unstable APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages openssh-server depends on: ii adduser 3.64 Add and remove users and groups ii debconf [debconf-2.0] 1.4.51 Debian configuration management sy ii dpkg 1.13.10 Package maintenance system for Deb ii libc6 2.3.5-1 GNU C Library: Shared libraries an ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libselinux1 1.24-1 SELinux shared libraries ii libssl0.9.7 0.9.7g-1 SSL shared libraries ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra ii openssh-client 1:4.1p1-4 Secure shell client, an rlogin/rsh ii zlib1g 1:1.2.2-6 compression library - runtime openssh-server recommends no packages. -- debconf information: ssh/insecure_rshd: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true ssh/disable_cr_auth: false * ssh/protocol2_only: true ssh/encrypted_host_key_but_no_keygen: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
