|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Laurent Luyckx (laurent_at_luyckx.net)
Date: Wed Oct 02 2002 - 09:11:52 CDT
You need to turn off UsePrivilegeSeparation
in your /etc/ssh/sshd_config file.
"UsePrivilegeSeparation no"
Cheers.
On Wed, 2002-10-02 at 16:00, Alexis Sukrieh wrote:
> Hello there :)
>
> I run debian unstable.
>
> I've just upgraded to the latest ssh package and I cannot connect to my box
> anymor using ssh.
> I've set up telnet to test it and it works fine with telnet.
>
> First, here is the output when user try to connect to the box :
> ____________________________________________________________
>
> poseidon:/home/sukria/dev/debian/openssh-3.4p1# ssh sukria
localhost
> sukrialocalhost's password:
> Connection to localhost closed by remote host.
> Connection to localhost closed.
> poseidon:/home/sukria/dev/debian/openssh-3.4p1#
> _____________________________________________________________
>
>
> It appears to be a PAM related problem :
> Indeed the password authentification is OK, but the system reject the user
> after seeing that his pass is right :
> if I run sshd in debug mode, I can see this error message
> _________________________________________________________________
>
> sshd -d
> [...]
> debug1: userauth-request for user sukria service ssh-connection method password
> debug1: attempt 2 failures 2
> debug1: PAM Password authentication accepted for user "sukria"
> Accepted password for sukria from 81.1.38.34 port 33095 ssh2
> [...]
> debug1: session_input_channel_req: session 0 req shell
> debug1: PAM setting tty to "/dev/pts/2"
> PAM session setup failed[28]: Module is unknown
> ____________________________________________________________________
>
> Does anyone knows how I can solve that problem ??
>
> I've tuned /etc/hosts.deny and /etc/hosts.allow... and again, telnet
> conection are working fine...
>
> Thanks a lot for any help.
>
> Alexis.
>
>
> Alexis Sukrieh (sukria), <alexissukria.net>
> . homepage - [http://sukria.net]
> . clef PGP - [http://sukria.net/print.php?c=privacy]
> . mydynaweb - [http://www.mydynaweb.net]
> ______________________________________________
>
>
> --
> To UNSUBSCRIBE, email to debian-security-requestlists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmasterlists.debian.org
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQA9mv6nLEuNhoWmRRURAmAkAJ0UG8uqT0QZ2U9v9P8W1E95bGnuPwCgiUAa
yp3Lnd4zoc346jIUSCSPGRI=
=C0gq
-----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-request
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]