I think I've narrowed it down to a problem with the setup for PAM. Just
started learning about PAM today so I threw together a pam.d/sshd file
based on the setups for some other services and created this:
[root@opus30 /etc]# cat pam.d/sshd
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so nullok use_authtok md5
shadow
session required /lib/security/pam_pwdb.so
session optional /lib/security/pam_console.so
That got rid of the "could not find user credentials" problem but now I
get this:
Jun 13 12:57:11 opus30 sshd[11285]: Failed password for bswick from
xxx.xxx.xxx.xxx port 2056
Jun 13 12:57:14 opus30 last message repeated 6 times
Jun 13 12:57:14 opus30 sshd[11285]: Disconnecting: Too many authentication
failures for bswick
Jun 13 12:57:14 opus30 PAM_pwdb[11285]: (sshd) session closed for user
bswick
Here's my sshd_config:
Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh_host_key
RandomSeed /etc/ssh_random_seed
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts no
StrictModes yes
QuietMode no
X11Forwarding yes
FascistLogging yes
PrintMotd yes
KeepAlive yes
SyslogFacility LOCAL7
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
# PidFile /u/zappa/.ssh/pid
AllowHosts xxx.xxx.xxx.xxx
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
If anyone has a functioning pam.d/sshd file I'd love to see it.
Brian Swick
[EMAIL PROTECTED]
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
