We recently just updated the pam-krb5 supplied by Russ Allbery from 3.10 to 3.15 and since the update we are not able to ssh as root. Has anyone seen this behavior before? Here are the contents of /var/log/messages. It should be ignoring root, but from this log it seems to be failing at pam_sm_authenticate & pam_setcred . Any help would be appreciated.
Sep 1 09:53:43 sprftp sshd[22646]: Received signal 15; terminating. Sep 1 09:53:44 sprftp sshd[29201]: Server listening on 0.0.0.0 port 22. Sep 1 09:53:51 sprftp sshd[29209]: (pam_krb5): none: pam_sm_authenticate: entry (0x1) Sep 1 09:53:51 sprftp sshd[29209]: (pam_krb5): root: ignoring root user Sep 1 09:53:51 sprftp sshd[29209]: (pam_krb5): root: pam_sm_authenticate: exit (failure) Sep 1 09:53:51 sprftp sshd[29209]: pam_unix2(sshd:auth): pam_sm_authenticate() called Sep 1 09:53:51 sprftp sshd[29209]: pam_unix2(sshd:auth): username=[root] Sep 1 09:53:51 sprftp sshd[29205]: Postponed keyboard-interactive for root from 172.27.18.45 port 37093 ssh2 Sep 1 09:53:55 sprftp sshd[29209]: pam_unix2(sshd:auth): pam_sm_authenticate: PAM_SUCCESS Sep 1 09:53:55 sprftp sshd[29209]: (pam_krb5): none: pam_sm_acct_mgmt: entry (0x0) Sep 1 09:53:55 sprftp sshd[29209]: (pam_krb5): none: skipping non-Kerberos login Sep 1 09:53:55 sprftp sshd[29209]: (pam_krb5): none: pam_sm_acct_mgmt: exit (ignore) Sep 1 09:53:55 sprftp sshd[29205]: Postponed keyboard-interactive/pam for root from 172.27.18.45 port 37093 ssh2 Sep 1 09:53:55 sprftp sshd[29205]: Accepted keyboard-interactive/pam for root from 172.27.18.45 port 37093 ssh2 Sep 1 09:53:55 sprftp sshd[29205]: (pam_krb5): none: pam_sm_setcred: entry (0x2) Sep 1 09:53:55 sprftp sshd[29205]: (pam_krb5): none: no context found, creating one Sep 1 09:53:55 sprftp sshd[29205]: (pam_krb5): none: ignoring root user Sep 1 09:53:55 sprftp sshd[29205]: (pam_krb5): none: pam_sm_setcred: exit (ignore) Sep 1 09:53:55 sprftp sshd[29205]: pam_unix2(sshd:setcred): pam_sm_setcred() called Sep 1 09:53:55 sprftp sshd[29205]: pam_unix2(sshd:setcred): username=[root] Sep 1 09:53:55 sprftp sshd[29205]: pam_unix2(sshd:setcred): pam_sm_setcred: PAM_SUCCESS Sep 1 09:53:55 sprftp sshd[29205]: fatal: PAM: pam_setcred(): The return value should be ignored by PAM dispatch Sep 1 09:54:20 sprftp sshd[29201]: Received signal 15; terminating. Sep 1 09:54:20 sprftp sshd[29268]: Server listening on 0.0.0.0 port 22. _____________________________________________________________________________ "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you." _____________________________________________________________________________ _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info