Re: PAM and openSSH 2.5.1p2 in redhat 6.2

Thu, 22 Mar 2001 17:39:30 -0800 

On Thu, 22 Mar 2001, David Talkington blurted out:

DT>Thornton Prime wrote:
DT>
DT>>> I installed openSSH 2.5.1p2 (compiled from source) on my redhat 6.2 (with
DT>>> the updated PAM rpm installed) and it now denies all passwords when i try to
DT>>> remote in. I know it is not a problem with the sshd.conf file since i have
DT>>> tried pretty much everything there. I think it is the PAM support, and for
DT>>> that I copied the redhat module from the SSH tarball like the INSTALL file
DT>>> said. No dice. The PAM guys say to ask you... any ideas?
DT>>
DT>>Check your /etc/pam.d/sshd file. My guess is that it is broken there. It
DT>>should look something like /etc/pam.d/login (minus the securetty stuff)
DT>>depending on the policies you are trying to enforce.
DT>
DT>First, make sure you've compiled it with --with-pam.  That was the
DT>default in the previous version, but no longer is, apparently.
DT>
DT>Second, I can attest that there seems to be a problem with PAM support
DT>in 2.5.1p2.  ssh works ok, but scp doesn't seem to be working with PAM
DT>in this release, at least on Solaris 8.  We've had to back up to 2.3.0
DT>until it we sort it out.

FYI openssh-2.5.2p2-1 was released today... here's the relevant portion
of the changelog:

20010322
 - (djm) Better AIX no tty fix, spotted by Gert Doering
<[EMAIL PROTECTED]>
 - (djm) Released 2.5.2p2

20010321
 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
   VanDevender <[EMAIL PROTECTED]>
 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch
   from Solar Designer <[EMAIL PROTECTED]>
 - (djm) Don't loop forever when changing password via PAM. Patch
   from Solar Designer <[EMAIL PROTECTED]>
 - (djm) Generate config files before build
 - (djm) Correctly handle SIA and AIX when no tty present. Spotted and
   suggested fix from Mike Battersby <[EMAIL PROTECTED]>



--
Chuck Mead, csm -AT- moongroup.com, Owner, MoonGroup.com
(Note: html formatted email sent to me is filtered & deleted unread)
GnuPG Public Key Available: http://wwwkeys.us.pgp.net



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to