Openssh 3.4 password problems?

[crotty]

I've searched the forums, and tried compiling openssh 3.4 via emerge and directly from source, but I keep getting the same problem. When I try to log in (with the right password, as root or a normal user), it tells me permission denied, please try again. It's like this whether or not I turn on UsePrivelegeSeparation, which i doubt has anything to do with this. It was not happening with the emerge of openssh right before 3.4, but it started with 3.4. Any help would be greatly appreciated....

Crotty

[Zu`]

Strange problem, since 3.4 works fine here on Gentoo aswell as on OpenBSD.

Man page says this about PrivilegeSeparation, althought it's not really clear (at least to me):

[crotty]

The really weird thing is that i just compiled openssl-0.9.6d and the latest openssh-3.4 from source on a redhat test box, and the same freakin thing happened...damn, i was hoping other people had this problem...
this has to be a configuration file problem, what possible option deals with this weirdness....i'm stumped....
thanks

Crotty

(oh, and i tried it with the default config files, and with the PrivSep thing, same problem... i'm gonna cry )

[klieber]

Do your log files have anything pertinent in them?

--kurt
_________________
The problem with political jokes is that they get elected

[crotty]

Pertinent info from my log file: (/var/log/messages)
when i restart sshd:
sshd[14039]: Server listening on 0.0.0.0 port 22

when i telnet in:
PAM_pwdb[14016]: (login) session opened for user whoever by (uid=0)

but when i ssh in:
sshd[14039]: Failed password for whoever from 127.0.0.1 port 1033 ssh2

also, there's a modprobe error abou net-pf-10
modprobe: Can't locate module net-pf-10
but isn't that for IPv6?
Could my problem be that i'm not compiling in PAM support or something like that?
Thanks in advance,
Crotty

[dice]

I get this same error, I've re-emerged openssh but I still get it Actualy, I can ssh in as the first user account I created, but none of the other ones.

[bung-foo]

I have this exact smae problem. Has anyone figured out what this is about or how to fix it?


Bung-Foo

[vert]

Anyone found a solution yet? I just ran into the same problems. But found out that root can login, no users though...

[bung-foo]

yep, same issue. no solution yet. I've got a thread going on the gentoo-newbies mailing list. I'll post here if/when I find a solution.


Bung-Foo

[bung-foo]

i lied, check /etc/passwd make sure the line for your user indicates a shell to use should look like this

bung-foo:x:1000:100::/home/bung-foo:/bin/bash

shell entry should be at the end.


Bung-Foo

[Xor]

well my 2c

do you allow root to login directly? some systems (configs) have disabled that... check you sshd_conf

I emerged openssh 3.4p1 in gentoo a while ago, there was no problem with the package.

[Blahbbs]

That's the ticket... Check your entry in the /etc/passwd file and make sure you have a shell defined. I added /bin/bash to the end of the account entry and ssh worked like a champ.

Thanks bung-foo...

--Blahbbs

[bung-foo]

sweetness. glad you got it working. I picked up that info from the gentoo-newbies mailing list.


Bung-Foo

[Mandr4ke]

very strange.. i just emerge and starting using openssh.. and i'm having a big problem with it..

I can login as root, and my main user.. but when i try another user (3rd),, i get password failed each time.. i've changed the password a couple time, and the shell.. aswell.. it's currently set to just /bin/bash and login's normally.. just not through ssh.. and ideas??

My goal also is for this 3rd user account to a public account, so i want it to accept all keys from everyone to excrypt each session.. it's kicks off a BBS and i thoguht this would be a good replacement for Telnetd could i be missing something with generating a key for the 'bbs' user.. hmmm

[rac]

[EPrime]

Fwiw, I enabled PrivSep here (Mandrake 7.2) and haven't had a problem with ssh or anything related.

Given that this option has less code running as root the least one should do is try it out and if it doesn't work or causes unwanted side-effects alternatives can be tried.

I'd prefer not to get into the fingerpointing business, so this is a purely technical observation from my own experience with it.

[rac]

After consulting with jmglov, his post has been split into its own thread in Gentoo Chat.
_________________
For every higher wall, there is a taller ladder

[jmglov]

[rac]

Followups to jmglov's post should be directed here. I would graft these last two posts onto that thread, but alas, phpBB has not this feature.
_________________
For every higher wall, there is a taller ladder

[BradB]

I had problems logging into sourceforge with ssh. I don't know if this is the same problem, but I fixed it by forcing protocol 1 (RSH I think). You can create a ~/.ssh/Profile file and add the line "Protocol 1,2" I think.

Cheers
Brad

[rac]

[klieber]

[dingo]

I just had the exact same problem a few minutes ago on a remote machine, only root could ssh in. I found the problem to be with the 'adduser' program gentoo uses to add users, it doesn't give them a shell in /etc/passwd (since i've never even physically touched this machine i've never tried from the terminal). After much frustration I fixed it by adding /bin/bash to the end of the line in the user's line in /etc/passwd. Hope that works.

[rac]

[acidreign]

I have found that it is actually a pam configuration issue, no.. gentoo has it fine, its just that pam expects the user to have a shell.

You have to set the users shell, you can do this when you add a new user by

adduser -m -s /bin/bash username

(if you have bash installed)

or to a running user with

usermod -s /bin/bash username

On the upside, if you do not give a user a shell, they can not log in remotely with ssh, yet still log in with ftp and other daemons.