bugzilla-daemon at bugzilla.mindrot.org
2016-Oct-07 14:58 UTC
[Bug 2622] New: PAM stack sometimes will not run during auth and this causes auths to fail
https://bugzilla.mindrot.org/show_bug.cgi?id=2622 Bug ID: 2622 Summary: PAM stack sometimes will not run during auth and this causes auths to fail Product: Portable OpenSSH Version: 4.3p2 Hardware: ix86 OS: Linux Status: NEW Severity: normal Priority: P5 Component: PAM support Assignee: unassigned-bugs at mindrot.org Reporter: desaiar at umich.edu Created attachment 2877 --> https://bugzilla.mindrot.org/attachment.cgi?id=2877&action=edit Config Files and Debug Logs I am running Centos 5 OpenSSH 4.3p2-82.0.2 This patch for the portable version has caused a bug where my PAM stack is sometimes not being run. Attempting to connect about 70% of the time will give me a failure, but occasionally I will see the password prompt from pam_unix and be allowed to auth successfully. Upgrading and downgrading between 4.3p2-82.0.1 and 4.3p2-82.0.2 has shown me that the issue is connected to this patch in some way. In 4.3p2-82.0.1 I always get directed to perform PAM authentication and can auth. I've attached the two new patch files for this version to help debugging. Since I'm using challenge response authentication I believe it is more related to the keyboard-interactive patch. I've also included my sshd_config file. I believe the interesting callouts are: PasswordAuthentication no ChallengeResponseAuthentication yes UsePAM yes I have included the relevant PAM stack files as well. For debugging I've attached part of the client logs with -vvv and part of the server logs with -ddd. The logs seem to suggest that it knows to run the PAM stack but then somewhere the connection does not succeed. Please let me know if there is anything else I can do to help troubleshoot this issue. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Oct-09 05:22 UTC
[Bug 2622] PAM stack sometimes will not run during auth and this causes auths to fail
https://bugzilla.mindrot.org/show_bug.cgi?id=2622 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #1 from Darren Tucker <dtucker at zip.com.au> --- (In reply to desaiar from comment #0)> I am running Centos 5 OpenSSH 4.3p2-82.0.2That is a vendor-modified version of a ten year old OpenSSH release. Can you reproduce the problem with the current release (7.3p1) build from the source available at openssh.com? If not then you need to talk to the vendor for help. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Oct-14 16:55 UTC
[Bug 2622] PAM stack sometimes will not run during auth and this causes auths to fail
https://bugzilla.mindrot.org/show_bug.cgi?id=2622 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #2 from Darren Tucker <dtucker at zip.com.au> --- Please reopen if you can reproduce with the current version as available from openssh.com, otherwise please report this problem to the package's vendor. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 02:26 UTC
[Bug 2622] PAM stack sometimes will not run during auth and this causes auths to fail
https://bugzilla.mindrot.org/show_bug.cgi?id=2622 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after release of OpenSSH 7.7. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Seemingly Similar Threads
- [vhost:linux-next 3/11] drivers/net/ethernet/freescale/dpaa/dpaa_eth.c:2622:20: error: initialization from incompatible pointer type
- [Bug 676] auth-pam.c trashes stack in sshpam_thread_conv() with more than one message
- samba Mount command failure
- OpenSSH 4.3p2 on Solaris 10 and PAM
- update.packages with ask = FALSE will sometimes ask about updates