Hi, i am experiencing a problem with ssh 3.0.2.p1 running on Solaris 2.8. Everything works fine with local users (i.e. with local passwd and shadow entries). With LDAP authenticated users, i obtain: treno at tao[!] -> ssh -v Segmentation Fault (core dumped) The probem is the same with 2.x releases. Thank you, Roberto Bertucci
On Mon, 18 Feb 2002, Roberto Bertucci wrote:> Date: Mon, 18 Feb 2002 10:39:29 +0100 > From: Roberto Bertucci <roberto.bertucci at netscalibur.it> > To: openssh-unix-dev at mindrot.org > Subject: Problem with Sol8 and LDAP > > Hi, i am experiencing a problem with ssh 3.0.2.p1 running on Solaris 2.8.What patches do you have installed for Sol8? Did you install all of the recommended patches along with relevent LDAP/PAM patches? What does your /etc/nsswitch.conf look like? What does /etc/pam.conf look like?> Everything works fine with local users (i.e. with local passwd and shadow > entries). With LDAP authenticated users, i obtain: > > treno at tao[!] -> ssh -v > Segmentation Fault (core dumped)We need a little more than "core dumped" to be able to solve the problem... can you provide truss output? Is "treno" user a that is logged in via PAM+LDAP (there is an sshd process involved) or is this a user who is on the console trying to ssh out of the system?> The probem is the same with 2.x releases.I've never seen the client dump core like this, even on a system that has PAM configured to use LDAP. Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
Thank you for your answer. I took a little time to update Solaris to the last recommended patch level (rel. 04 Feb 2002). The problem is still here. User treno (this is me) is connected via telnet and authenticated against LDAP server (netscape 4.1). Even a truss is not useful: treno at tao[!] -> truss ssh -v truss: cannot trace set-id or unreadable object file: /usr/local/bin/ssh I am attaching pam.conf and nsswitch.conf Thank you, RB At 09.31 18/02/2002 -0500, Ed Phillips wrote:>On Mon, 18 Feb 2002, Roberto Bertucci wrote: > > > Date: Mon, 18 Feb 2002 10:39:29 +0100 > > From: Roberto Bertucci <roberto.bertucci at netscalibur.it> > > To: openssh-unix-dev at mindrot.org > > Subject: Problem with Sol8 and LDAP > > > > Hi, i am experiencing a problem with ssh 3.0.2.p1 running on Solaris 2.8. > >What patches do you have installed for Sol8? Did you install all of the >recommended patches along with relevent LDAP/PAM patches? What does your >/etc/nsswitch.conf look like? What does /etc/pam.conf look like? > > > Everything works fine with local users (i.e. with local passwd and shadow > > entries). With LDAP authenticated users, i obtain: > > > > treno at tao[!] -> ssh -v > > Segmentation Fault (core dumped) > >We need a little more than "core dumped" to be able to solve the >problem... can you provide truss output? Is "treno" user a that is logged >in via PAM+LDAP (there is an sshd process involved) or is this a user who >is on the console trying to ssh out of the system? > > > The probem is the same with 2.x releases. > >I've never seen the client dump core like this, even on a system that has >PAM configured to use LDAP. > > Ed > >Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 >Systems Programmer III, Network and Systems Services >finger -l ed at polycut.nss.udel.edu for PGP public key-------------- next part -------------- A non-text attachment was scrubbed... Name: nsswitch.conf Type: application/octet-stream Size: 787 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020219/0a9c9e12/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: pam.conf Type: application/octet-stream Size: 2342 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020219/0a9c9e12/attachment-0001.obj
You have to be root on Solaris to truss a setuid executable (which ssh is). So try (as root): root at tao[!] -> truss ssh -l treno -v Thanks, --Jason Lacoss-Arnold, Systems Technical Specialist Technical Services - Unix Arch. 314-955-8501 -----Original Message----- From: Roberto Bertucci [mailto:roberto.bertucci at netscalibur.it] Sent: Tuesday, February 19, 2002 3:51 To: Ed Phillips Cc: OpenSSH Development Subject: Re: Problem with Sol8 and LDAP Thank you for your answer. I took a little time to update Solaris to the last recommended patch level (rel. 04 Feb 2002). The problem is still here. User treno (this is me) is connected via telnet and authenticated against LDAP server (netscape 4.1). Even a truss is not useful: treno at tao[!] -> truss ssh -v truss: cannot trace set-id or unreadable object file: /usr/local/bin/ssh I am attaching pam.conf and nsswitch.conf Thank you, RB At 09.31 18/02/2002 -0500, Ed Phillips wrote:>On Mon, 18 Feb 2002, Roberto Bertucci wrote: > > > Date: Mon, 18 Feb 2002 10:39:29 +0100 > > From: Roberto Bertucci <roberto.bertucci at netscalibur.it> > > To: openssh-unix-dev at mindrot.org > > Subject: Problem with Sol8 and LDAP > > > > Hi, i am experiencing a problem with ssh 3.0.2.p1 running on Solaris2.8.> >What patches do you have installed for Sol8? Did you install all of the >recommended patches along with relevent LDAP/PAM patches? What does your >/etc/nsswitch.conf look like? What does /etc/pam.conf look like? > > > Everything works fine with local users (i.e. with local passwd andshadow> > entries). With LDAP authenticated users, i obtain: > > > > treno at tao[!] -> ssh -v > > Segmentation Fault (core dumped) > >We need a little more than "core dumped" to be able to solve the >problem... can you provide truss output? Is "treno" user a that is logged >in via PAM+LDAP (there is an sshd process involved) or is this a user who >is on the console trying to ssh out of the system? > > > The probem is the same with 2.x releases. > >I've never seen the client dump core like this, even on a system that has >PAM configured to use LDAP. > > Ed > >Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 >Systems Programmer III, Network and Systems Services >finger -l ed at polycut.nss.udel.edu for PGP public key*************************************************************************************** WARNING: All e-mail sent to and from this address will be received or otherwise recorded by the A.G. Edwards corporate e-mail system and is subject to archival, monitoring or review by, and/or disclosure to, someone other than the recipient. *************************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020219/e1cc3810/attachment.html