Re: Help: ssh denying login...

Mon, 21 Aug 2000 17:14:29 -0700 

On Fri, Aug 11, 2000 at 10:28:36AM -0700, Anders Knudsen wrote:
> OK, I promise not to ask too many more newbie type questions. But...
> I've got Openssh all installed. I have the daemon running. I read the man 
> pages, FAQ, and went through all the config stuff in /etc/ssh/sshd_config 
> (where I put my config files.)
> Now...when I try to log in with ssh, I get denied. (see results from my 
> /var/log/messages below)
> I have not been able to see wherein the problem lies. I'm not sure it's a 
> PAM issue, since I don't have an sshd file in my /etc/pam.d directory. Is 
> this something that I need to add in order for passwords to be 
> authenticated? If so, what should it look like? Any ideas?
> Again, my box is running redhat 6.2, kernel 2.2.16.

        Yes...  You're problem is the lack of an ssh config file in
/etc/pam.d.  The default pam configuration is to deny everything.

================
#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nodelay
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so
================

> from /var/log/messages
> Aug 11 11:15:54 spider sshd[1172]: Server listening on 0.0.0.0 port 22.
> Aug 11 11:15:54 spider sshd: sshd startup succeeded
> Aug 11 11:15:54 spider sshd[1172]: Generating 768 bit RSA key.
> Aug 11 11:15:55 spider sshd[1172]: RSA key generation complete.
> Aug 11 11:16:03 spider sshd[1176]: Failed password for aknudsen from 
> 192.168.200.120 port 880
> Aug 11 11:16:06 spider last message repeated 2 times
> Aug 11 11:16:06 spider sshd[1176]: Connection closed by 192.168.200.120
> Aug 11 11:16:06 spider sshd[1176]: Cannot close PAM session: System error
> Aug 11 11:16:06 spider sshd[1176]: Cannot delete credentials: 
> Authentication service cannot retrieve user credentials
> 
> TIA!
> -Anders Knudsen

-- 
 Michael H. Warfield    |  (770) 985-6132   |  [EMAIL PROTECTED]
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Reply via email to