https://bugzilla.mindrot.org/show_bug.cgi?id=2622
Bug ID: 2622
Summary: PAM stack sometimes will not run during auth and this
causes auths to fail
Product: Portable OpenSSH
Version: 4.3p2
Hardware: ix86
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: PAM support
Assignee: [email protected]
Reporter: [email protected]
Created attachment 2877
--> https://bugzilla.mindrot.org/attachment.cgi?id=2877&action=edit
Config Files and Debug Logs
I am running Centos 5 OpenSSH 4.3p2-82.0.2
This patch for the portable version has caused a bug where my PAM stack
is sometimes not being run. Attempting to connect about 70% of the time
will give me a failure, but occasionally I will see the password prompt
from pam_unix and be allowed to auth successfully.
Upgrading and downgrading between 4.3p2-82.0.1 and 4.3p2-82.0.2 has
shown me that the issue is connected to this patch in some way. In
4.3p2-82.0.1 I always get directed to perform PAM authentication and
can auth. I've attached the two new patch files for this version to
help debugging. Since I'm using challenge response authentication I
believe it is more related to the keyboard-interactive patch.
I've also included my sshd_config file. I believe the interesting
callouts are:
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes
I have included the relevant PAM stack files as well.
For debugging I've attached part of the client logs with -vvv and part
of the server logs with -ddd.
The logs seem to suggest that it knows to run the PAM stack but then
somewhere the connection does not succeed.
Please let me know if there is anything else I can do to help
troubleshoot this issue.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
