Steve Belt (rgpg70)
2003-Oct-02 17:53 UTC
Permission denied (publickey,password,keyboard-interactive)
Hello, I have recently downloaded and compiled openssh-3.7.1p2 on both HP-UX 10.20 and HP-UX 11.00. The compile went fine. Logging in on the system used for the build works fine. However, logging in on a different system (where the newly compiled openssh is installed) results in the following error: Permission denied (publickey,password,keyboard-interactive). I have tried several things I found in some other threads: ChallengeResponseAuthentication to "no" UsePam no then I get the following: Permission denied (publickey,password). Why would it work for one system and not another with the same OS? I did not use the PAM option for the 10.20 compile (could not find the pam headers), but did for the 11.00 compile. Thanks in advance, Steve -- Steve "Wheat" Belt Motorola, Inc. Steve.Belt at motorola.com 6501 William Cannon Dr. West, MD OE341 512-895-2268 Austin, TX 78735
Darren Tucker
2003-Oct-03 03:33 UTC
Permission denied (publickey,password,keyboard-interactive)
"Steve Belt (rgpg70)" wrote:> I have recently downloaded and compiled openssh-3.7.1p2 on both HP-UX > 10.20 and HP-UX 11.00. The compile went fine. Logging in on the system > used for the build works fine. However, logging in on a different > system (where the newly compiled openssh is installed) results in the > following error:[snip]> Why would it work for one system and not another with the same OS?Probably because one system uses normal /etc/passwd and the other uses trusted mode or shadow passwords. Try this patch. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. -------------- next part -------------- Index: auth.c ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth.c,v retrieving revision 1.77 diff -u -p -r1.77 auth.c --- auth.c 2 Sep 2003 21:32:46 -0000 1.77 +++ auth.c 3 Oct 2003 03:31:46 -0000 @@ -112,7 +112,7 @@ allowed_user(struct passwd * pw) return 0; } - if (spw->sp_max != -1 && + if (spw->sp_max != -1 && spw->sp_max != 0 && today > spw->sp_lstchg + spw->sp_max) { logit("User %.100s password has expired (password aged)", pw->pw_name);