On Tue, Aug 01, 2000 at 01:52:19PM +0000, Pier Erik Hegeman wrote:
> Hi,
> I'm something of a newbie sysadmin so I apologise in advance if this is a
> totally obvious error. I'm having a problem with sshd in that it's refusing
> access from all user accounts. The error I'm getting is "permission denied,
> try again." I've tried many times with various different user accounts so
> the chance that I've got the password wrong is pretty slim. I ran ssh with
> the -v switch and everything looked normal until the authentication when it
> just crapped out with the same error. I think it may be a PAM problem,
> since the system's logging a PAM error. Here's a snippet of /var/log/messages:
> Aug 1 04:57:37 www sshd[28154]: Failed password for pier from
> 192.168.100.193 port 679
> Aug 1 04:57:39 www sshd[28154]: Connection closed by 192.168.100.193
> Aug 1 04:57:39 www sshd[28154]: Cannot close PAM session: System error
> Aug 1 04:57:39 www sshd[28154]: Cannot delete credentials: Authentication
> service cannot retrieve user credentials
> Aug 1 04:57:49 www sshd[28156]: Failed password for postgres from
> 192.168.100.193 port 954
> Aug 1 04:57:50 www sshd[28156]: Connection closed by 192.168.100.193
> Aug 1 04:57:50 www sshd[28156]: Cannot close PAM session: System error
> Aug 1 04:57:50 www sshd[28156]: Cannot delete credentials: Authentication
> service cannot retrieve user credentials
I've seen this before. Did you install from sources or from a
binary RPM? I'll bet from the source.
> I've installed openssh-2.1.0 on RH linux 6.0, I'm using pam ver. 0.72-6.
> Any hints? Thanx in advance,
Yeah... You are probably missing the file /etc/pam.d/sshd which
pam needs. If you don't have it, here is and example taken from one of
my systems:
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nodelay
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
session required /lib/security/pam_limits.so
I slammed into the same thing on my systems when I tried to install
from sources rather than install from binary RPM. If you really want to
install from sources, then unpack the source RPM and build the binary RPM
on your system using the command "rpm -ba sshd.spec". You'll find the
spec file in /usr/src/redhat/SPECS after installing the SRPM. Then you
can install the binary rpm you just created.
Simply installing from a source tarball doesn't create the pam
config file and this is the symptoms you get.
> -Pier
> ---------------------------------------------------------------------
> Pier Hegeman, Web Programmer | Adex Ltd., Japan
> e-mail: [EMAIL PROTECTED] | Kobayashi Bldg. 5F,4-2-10, Kudanminami,
> http://www.adex-japan.com | Chiyoda-ku, Tokyo, Japan 102-0074
> ---------------------------------------------------------------------
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
