Hi,
just a few days ago I upgraded to openssh-2.3.0p1 on HP-UX 11.00, trusted
system, incl. the PAM-patch PHCO_22265 and I run into another problem. The
situation is the following. I come from server inside a firewall and go through
the firewall wia a ssh-plug-gateway to one host in our internet section and
further do a second server in the internet section. All this including the
ssh-agent mechanism. The command is like:
hendl at server > ssh -t host_a ssh -t firewall ssh -t host_b
This procedere works fine, but on the host firewall I am disabled after an
couple of conncetions because of too many unseccesful logins. Unfortunately the
lastb command says nothing and in fact I didn't login to that machine, I
used it only as an gateway. The syslog.log tells:
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52166
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52167
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52168
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52169
sshd [xxx] Accepted rsa for hendl from a.b.c.d port 52170
sshd [xxx] PAM rejected by account configuration[28]: Account is disabled - see
Account Administrator
It looks for me that the PAM tries to authenticate via passwd but the
authentication comes via the ssh-agent and therefore the account is disabled
after three connections.
Any help appreciated!
regards
Stephan
--
LDS Brandenburg
Dr. Stephan Hendl
fon: +49-(0)331-39 471
fax: +49-(0)331-27548 1187
EMail: stephan.hendl at lds.brandenburg.de