Hi!
I would like use the sshd with pam_pgsql module. But it isn't work, and I can't
configure the pam debug too. So my two question:
How can I use the pam debug?
How do I use the sshd with pam-pgsql?
OS: FreeBSD 7.2
My /etc/pamd./sshd:
auth required pam_unix.so no_warn try_first_pass
auth sufficient pam_pgsql.so
config_file=/etc/ssh/ssh-pam_pgsql.conf
account required pam_unix.so
account requisite pam_pgsql.so
config_file=/etc/ssh/ssh-pam_pgsql.conf
password required pam_unix.so no_warn try_first_pass
password sufficient pam_pgsql.so
config_file=/etc/ssh/ssh-pam_pgsql.conf
session sufficient pam_pgsql.so
config_file=/etc/ssh/ssh-pam_pgsql.conf
My /etc/ssh/ssh-pam_pgsql.conf:
debug
pw_type = md5
connect = dbname=sshuser user=attila password=xxxxx
auth_query = select password from felhasznalok where user_name = %u
acct_query = select password from felhasznalok where user_name = %u
pwd_query = update account set password = %p where user_name = %u
psql -U attila -c "SELECT * FROM felhasznalok" sshuser":<code>
user_name | password | uid | gid | login_class | password_change_time |
account_expiry_time | user_full_name | home_directory | user_shell
-----------+----------+------+------+-------------+----------------------+---------------------+----------------+-----------------+------------
sftpuser2 | sara | 2001 | 2001 | hungarian | |
| sftp user | /home/.sftpuser | /bin/sh</code>
My /etc/ssh/sshd_conf:
[..]
UsePAM yes
PasswordAuthentication yes
PermitEmptyPasswords yes
PermitRootLogin without-password
[..]
ssh -v -l sshuser2 luk1814.no-ip.org:
OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to luk1814.no-ip.org [84.3.76.241] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1
FreeBSD-20080901
debug1: match: OpenSSH_5.1p1 FreeBSD-20080901 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'luk1814.no-ip.org' is known and matches the DSA host key.
debug1: Found key in /root/.ssh/known_hosts:6
debug1: ssh_dss_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: password
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
Permission denied, please try again.
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
Permission denied, please try again.
Received disconnect from 84.3.76.241: 2: Too many authentication failures for
sftpuser3
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
