Package: openssh-server Version: 1:5.5p1-4 Severity: normal
When PrivilegeSeparation is on (the default), errors from pam modules are not logged anywhere (apparently, pam tries to open /dev/log in a chroot). this is somewhat serious as no message whatsoever gets logged for semi-successfull log-ins. example message that is only logged when priv. sep is off: Oct 6 04:20:28 rain sshd[24468]: fatal: Access denied for user sf-grunt by PAM account configuration -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openssh-server depends on: ii adduser 3.112 add and remove users and groups ii debconf [debconf-2.0] 1.5.35 Debian configuration management sy ii dpkg 1.15.8.4 Debian package management system hi libc6 2.11.2-6 Embedded GNU C Library: Shared lib ii libcomerr2 1.41.12-2 common error description library ii libgssapi-krb5-2 1.8.3+dfsg-1 MIT Kerberos runtime libraries - k ii libkrb5-3 1.8.3+dfsg-1 MIT Kerberos runtime libraries ii libpam-modules 1.1.1-6 Pluggable Authentication Modules f ii libpam-runtime 1.1.1-6 Runtime support for the PAM librar ii libpam0g 1.1.1-6 Pluggable Authentication Modules l ii libselinux1 2.0.96-1 SELinux runtime shared libraries ii libssl0.9.8 0.9.8o-2 SSL shared libraries ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS ii openssh-client 1:5.5p1-4 secure shell (SSH) client, for sec ii procps 1:3.2.8-9 /proc file system utilities ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime Versions of packages openssh-server recommends: ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op ii xauth 1:1.0.4-1 X authentication utility Versions of packages openssh-server suggests: pn molly-guard <none> (no description available) pn rssh <none> (no description available) ii ssh-askpass 1:1.2.4.1-9 under X, asks user for a passphras pn ufw <none> (no description available) -- Configuration Files: /etc/pam.d/sshd changed [not included] -- debconf information: ssh/encrypted_host_key_but_no_keygen: ssh/insecure_telnetd: * ssh/use_old_init_script: true ssh/new_config: true ssh/insecure_rshd: ssh/disable_cr_auth: false ssh/vulnerable_host_keys: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
