Package: ssh Version: 1:3.8p1-3 Severity: normal Followup-For: Bug #240506 I appear to have the exact same problem, except that it's on a new box that I'm setting up rather than an upgrade. I read through all of the previous messages on this bug and thought that I should add some input that hopefully will clarify some things.
I already have an ldap server/client/ssh enviornment set up and working perfectly, I'm just trying to add a client to the farm. That being said, there are aproximately 6,000 or so posixAccount users in the LDAP. They all work in the existing farm. On the new box that I set up, my local user account has the same username as one of the LDAP accounts (my account in the LDAP). If I attempt to log in over ssh or on the console with an account that exists locally AND in the LDAP I can use either my local password, or my LDAP password and gain entry to the system. If I attempt to log in with a user that exists ONLY in LDAP I get an "illegal user" message in the auth.log and can't log in. That being said, let me reiterate, I've configured login and sshd to use use LDAP, and I get the same behaviour from both. Users must exist in the local passwd file, or they can't get it. Since this is the case, I don't think this bug has anything to do with SSH (either that or whatever broke ssh was also done to login and broke it as well) and should be moved to libpam0g, libpam_ldap or something else along those lines. Can we get the pam guys involved with this bug? -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.25-1-386 Locale: LANG=C, LC_CTYPE=C Versions of packages ssh depends on: ii adduser 3.52 Add and remove users and groups ii debconf 1.4.22 Debian configuration management sy ii dpkg 1.10.20 Package maintenance system for Deb ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an ii libpam-modules 0.76-19 Pluggable Authentication Modules f ii libpam-runtime 0.76-19 Runtime support for the PAM librar ii libpam0g 0.76-19 Pluggable Authentication Modules l ii libssl0.9.7 0.9.7d-1 SSL shared libraries ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.2.1-5 compression library - runtime -- debconf information: ssh/insecure_rshd: ssh/ssh2_keys_merged: ssh/user_environment_tell: * ssh/forward_warning: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true ssh/protocol2_only: true ssh/encrypted_host_key_but_no_keygen: ssh/run_sshd: true ssh/SUID_client: true
