Re: Authorisation Errors on 9.2
On 14/10/2013 06:37, Beeblebrox wrote: Hi, I Inadvertently posted the gnome-keyring bit. That's almost standard error message on FreeBSD-Gnome. The relevant bit for the error is in fact: slim: gkr-pam: no password is available for user However, the user cannot login on a tty without providing a password. For ssh, the same error and dropped connection occurs for all users. sshd was modified to allow root login. All users have valid home directories defined. From /etc/passwd; I wonder if this has anything to do with it? sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/*nologin* Could it be a dud /root/.tcshrc? Or /etc/login.conf? The accounts which try to ssh login also login on host proper and do not have any login issues when logging-in directly on host - so I think we can eliminate these problems. I'm now really guessing - I've not tried 9.2-RELEASE. Given these things are usually really obvious when you finally spot them (it happens to me a lot, anyway), here are a few obvious things you could think of in case it helps. First off, ssh is different from a console login so what's in sshd_config matters. That said, the defaults generally work (or used to). In no particular order, in sshd_config: PasswordAuthentication must be yes KerberosOrLocalPasswd probably yes AllowUsers, AllowGroups, DenyUsers and DenyGroups need to be set correctly. ChrootDirectory - this could cause fun if it's set to something. Other things that might be interesting are UseLogin and UsePAM. If this was a fundamental problem with changed defaults in 9.2, I'm sure a lot more people would have complained. Regards, Frank. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Authorisation Errors on 9.2
I have two strange errors but I am not sure whether they are related. ERROR-1: Slim allows login without checking for password. /var/log/auth.log shows: Oct 13 11:44:57: slim: gkr-pam: no password is available for user Oct 13 11:44:57: gnome-keyring-daemon[1225]: couldn't allocate secure memory to keep passwords and or keys from being written to the disk ERROR-2: sshd disconnects (drops) client connections immediately after login. This happens when trying from host its self or some other client. Testing from host (162.168.1.10 is host's IP) $ ssh root@192.168.1.10 Password for root@server.freebsd: Last login: Sun Oct 13 13:02:09 2013 Welcome to myNetwork (the motd message) csh: No such file or directory Connection to 192.168.1.10 closed. /var/log/auth.log for ssh shows: Oct 13 19:41:37: Server listening on 0.0.0.0 port 22. Oct 13 19:42:37: Accepted keyboard-interactive/pam for root from 192.168.1.10 port 33248 ssh2 Oct 13 19:42:37: Received disconnect from 192.168.1.10: 11: disconnected by user Thanks for any advice on how to resolve these two issues. - FreeBSD-9.2-stable_amd64_root-on-zfs_clang-only-world -- View this message in context: http://freebsd.1045724.n5.nabble.com/Authorisation-Errors-on-9-2-tp5851543.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Authorisation Errors on 9.2
On 13/10/2013 18:08, Beeblebrox wrote: I have two strange errors but I am not sure whether they are related. ERROR-1: Slim allows login without checking for password. /var/log/auth.log shows: Oct 13 11:44:57: slim: gkr-pam: no password is available for user Oct 13 11:44:57: gnome-keyring-daemon[1225]: couldn't allocate secure memory to keep passwords and or keys from being written to the disk ERROR-2: sshd disconnects (drops) client connections immediately after login. This happens when trying from host its self or some other client. Testing from host (162.168.1.10 is host's IP) $ ssh root@192.168.1.10 Password for root@server.freebsd: Last login: Sun Oct 13 13:02:09 2013 Welcome to myNetwork (the motd message) csh: No such file or directory Connection to 192.168.1.10 closed. /var/log/auth.log for ssh shows: Oct 13 19:41:37: Server listening on 0.0.0.0 port 22. Oct 13 19:42:37: Accepted keyboard-interactive/pam for root from 192.168.1.10 port 33248 ssh2 Oct 13 19:42:37: Received disconnect from 192.168.1.10: 11: disconnected by user Thanks for any advice on how to resolve these two issues. The gnome keyring demon does that. I believe it's only warning and I've never dug in to the source to find out more but I think it's something it can only do on Linux. I'm sure someone will be along in a minute with something to say about that. As to the second problem - csh: No such file or directory. At the risk of pointing out the trivial, is root's home directory valid? Why not post /etc/passwd and we'll check :-) Could it be a dud /root/.tcshrc? Or /etc/login.conf? I assume you've configured sshd to allow direct root logins. If you hadn't I think you get a different rejection message (but who knows with 9.2?) Regards, Frank. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Authorisation Errors on 9.2
Hi, I Inadvertently posted the gnome-keyring bit. That's almost standard error message on FreeBSD-Gnome. The relevant bit for the error is in fact: slim: gkr-pam: no password is available for user However, the user cannot login on a tty without providing a password. For ssh, the same error and dropped connection occurs for all users. sshd was modified to allow root login. All users have valid home directories defined. From /etc/passwd; I wonder if this has anything to do with it? sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/*nologin* Could it be a dud /root/.tcshrc? Or /etc/login.conf? The accounts which try to ssh login also login on host proper and do not have any login issues when logging-in directly on host - so I think we can eliminate these problems. Thanks and Regards - FreeBSD-9.2-stable_amd64_root-on-zfs_clang-only-world -- View this message in context: http://freebsd.1045724.n5.nabble.com/Authorisation-Errors-on-9-2-tp5851543p5851636.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org