Package: openssh-server Version: 1:4.2p1-4 Severity: important Trying to login as a user using keyboard/password authentication results in:
---- Read from remote host thedarkcitadel.com: Connection reset by peer Connection to thedarkcitadel.com closed. ---- In syslog you have the following: ---- Sep 30 20:08:16 thedarkcitadel sshd[27905]: Accepted keyboard-interactive/pam for ovrlrdq from 70.178.82.111 port 2305 ssh2 Sep 30 20:08:16 thedarkcitadel sshd[27912]: (pam_unix) session opened for user ovrlrdq by (uid=0) Sep 30 20:08:16 thedarkcitadel sshd[27912]: fatal: PAM: pam_setcred(): Critical error - immediate abort Sep 30 20:08:17 thedarkcitadel sshd[27912]: (pam_unix) session closed for user ovrlrdq ---- Luckily if logging in using authorized keys, the operation is successfull otherwise there would be no way to login to the box. Contents of /etc/pam.d/ssh/ : ---- auth required pam_env.so # [1] @include common-auth @include common-account @include common-session session optional pam_motd.so # [1] session optional pam_mail.so standard noenv # [1] session required pam_limits.so @include common-password ---- Contents of /etc/pam.d/common-auth : ---- auth required pam_unix.so nullok_secure ---- Contents of /etc/pam.d/common-account : ---- account required pam_unix.so ---- Contents of /etc/pam.d/common-session : ---- session required pam_unix.so ---- Contents of /etc/pam.d/common-password : --- password required pam_unix.so nullok obscure min=4 max=8 md5 --- -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.12.3-linode14 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages openssh-server depends on: ii adduser 3.67.1 Add and remove users and groups ii debconf [debconf-2.0] 1.4.58 Debian configuration management sy ii dpkg 1.13.11.0.1 package maintenance system for Deb ii libc6 2.3.5-6 GNU C Library: Shared libraries an ii libcomerr2 1.38-2 common error description library ii libkrb53 1.3.6-5 MIT Kerberos runtime libraries ii libpam-modules 0.79-2 Pluggable Authentication Modules f ii libpam-runtime 0.79-2 Runtime support for the PAM librar ii libpam0g 0.79-2 Pluggable Authentication Modules l ii libselinux1 1.26-1 SELinux shared libraries ii libssl0.9.7 0.9.7g-3 SSL shared libraries ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra ii openssh-client 1:4.2p1-4 Secure shell client, an rlogin/rsh ii zlib1g 1:1.2.3-4 compression library - runtime openssh-server recommends no packages. -- debconf information: ssh/insecure_rshd: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true ssh/encrypted_host_key_but_no_keygen: ssh/disable_cr_auth: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
