Package: openssh-server
Version: 1:10.2p1-5
Severity: important

Dear Maintainer,

I've been running ssh server with the following changes from the defaults:

PasswordAuthentication yes
PermitRootLogin yes
UsePAM no

It has been working normally since a recent upgrade (including systemd and 
libpam-systemd to version 260rc2).

Since the upgrade, the above no longer works.

When I try to ssh to the machine, it reacts as if a wrong password was supplied:

.......
debug1: Trying private key: /home/manul/.ssh/id_ed25519
debug3: no such identity: /home/manul/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /home/manul/.ssh/id_ed25519_sk
debug3: no such identity: /home/manul/.ssh/id_ed25519_sk: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@localhost's password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.


I also tried changing KbdInteractiveAuthentication from the default 'no' to 
'yes', but it does not solve the problem.

Changing UsePAM to `yes` fixes the issue, and the password gets recognized 
again.

How can I continue to use openssh-server with `UsePAM no`?

If this is expected behaviour (for example since updating to more recent 
versions of systemd etc), the documentation should be updated.

Thanks,
manul


-- System Information:
Debian Release: forky/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.18.15+deb14-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  debconf [debconf-2.0]       1.5.92
ii  init-system-helpers         1.69
ii  libaudit1                   1:4.1.2-1+b1
ii  libc6                       2.42-13
ii  libcom-err2                 1.47.2-3+b8
ii  libgssapi-krb5-2            1.22.1-2
ii  libkrb5-3                   1.22.1-2
ii  libpam-modules              1.7.0-5+b1
ii  libpam-runtime              1.7.0-5
ii  libpam0g                    1.7.0-5+b1
ii  libselinux1                 3.9-4+b1
ii  libssl3t64                  3.5.5-1
ii  libwrap0                    7.6.q-36+b2
ii  libwtmpdb0                  0.75.0-5
ii  openssh-client              1:10.2p1-5
ii  openssh-sftp-server         1:10.2p1-5
ii  procps                      2:4.0.4-9+b1
ii  runit-helper                2.16.5
ii  systemd [systemd-sysusers]  260~rc2-1
ii  ucf                         3.0052
ii  zlib1g                      1:1.3.dfsg+really1.3.1-3

Versions of packages openssh-server recommends:
ii  libpam-systemd [logind]  260~rc2-1
pn  ncurses-term             <none>
ii  passwd                   1:4.19.3-1
ii  xauth                    1:1.1.2-1.1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
ii  ssh-askpass   1:1.2.4.1-16+b1
pn  ufw           <none>

-- debconf information:
  openssh-server/password-authentication: true
  openssh-server/permit-root-login: true
