search for: mm_sshpam_free_ctx

...sh_msg_recv entering debug3: ssh_msg_send: type 7 PAM: Authentication token is no longer valid; new one required. debug3: mm_request_send entering: type 49 debug3: mm_request_receive entering debug3: mm_sshpam_query: pam_query returned -1 debug2: auth2_challenge_start: devices <empty> debug3: mm_sshpam_free_ctx debug3: mm_request_send entering: type 52 debug3: mm_sshpam_free_ctx: waiting for MONITOR_ANS_PAM_FREE_CTX debug3: mm_request_receive_expect entering: type 53 debug3: mm_request_receive entering debug3: monitor_read: checking request 52 debug3: mm_answer_pam_free_ctx debug3: mm_request_send enterin...

...ying to get it to run on our Solaris 8 systems running Sun's SRM system. With existing users it is fine, but with a new user, the user can not ssh in on the first login, they get the message from SRM that no lnode has been created. I put sshd in debug and found that it SEG's here: debug3: mm_sshpam_free_ctx: waiting for MONITOR_ANS_PAM_FREE_CTX debug3: monitor_read: checking request 52 debug3: mm_answer_pam_free_ctx debug3: mm_request_receive_expect entering: type 53 debug3: mm_request_receive entering debug3: mm_request_send entering: type 53 debug2: monitor_read: 52 used once, disabling now debug3:...

On Tue, 23 Dec 2014, Dmt Ops wrote: > testing goole-authenticator's standalone functionality, it > > > cd google-authenticator/libpam/ > > ./demo > Verification code: 123456 > Login failed > Invalid verification code > > > > fails with an INVALID code, and > > > ./demo > Verification code:

.../ + xfree(ctxt->user); + xfree(ctxt); } -#endif +KbdintDevice sshpam_device = { + "pam", + sshpam_init_ctx, + sshpam_query, + sshpam_respond, + sshpam_free_ctx +}; + +KbdintDevice mm_sshpam_device = { + "pam", + mm_sshpam_init_ctx, + mm_sshpam_query, + mm_sshpam_respond, + mm_sshpam_free_ctx +}; + +#endif /* USE_PAM */ Index: auth2-pam.h =================================================================== RCS file: auth2-pam.h diff -N auth2-pam.h --- auth2-pam.h 9 Feb 2001 01:55:36 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,8 +0,0 @@ -/* $Id: auth2-pam.h,v 1.2 2001/02/09 01...

.../ + xfree(ctxt->user); + xfree(ctxt); } -#endif + +KbdintDevice sshpam_device = { + "pam", + sshpam_init_ctx, + sshpam_query, + sshpam_respond, + sshpam_free_ctx +}; + +KbdintDevice mm_sshpam_device = { + "pam", + mm_sshpam_init_ctx, + mm_sshpam_query, + mm_sshpam_respond, + mm_sshpam_free_ctx +}; + +#endif /* USE_PAM */ Index: auth2-pam.h =================================================================== RCS file: auth2-pam.h diff -N auth2-pam.h --- auth2-pam.h 9 Feb 2001 01:55:36 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,8 +0,0 @@ -/* $Id: auth2-pam.h,v 1.2 2001/02/09 01...

...0 responses debug3: mm_request_send entering: type 53 debug3: mm_request_receive entering debug3: mm_sshpam_respond: waiting for MONITOR_ANS_PAM_RESPOND debug3: mm_request_receive_expect entering: type 53 debug3: mm_request_receive entering debug3: mm_sshpam_respond: pam_respond returned 0 debug3: mm_sshpam_free_ctx debug3: mm_request_send entering: type 54 debug3: monitor_read: checking request 54 debug3: mm_answer_pam_free_ctx debug3: PAM: sshpam_free_ctx entering debug3: PAM: sshpam_thread_cleanup entering debug3: mm_request_send entering: type 55 debug2: monitor_read: 54 used once, disabling now debug3: mm...

On Sun, Dec 21, 2014 at 5:25 PM, Damien Miller <djm at mindrot.org> wrote: > On Fri, 19 Dec 2014, Dmt Ops wrote: > > > I added an EXPLICIT > > > > AuthenticationMethods publickey,keyboard-interactive > > + UsePam yes > > > > to sshd_config. Now, at connect attempt I get > > > > Password: > > Verification code: > >

...ket_start(SSH2_MSG_USERAUTH_BANNER); packet_put_cstring(**prompts); packet_put_cstring(""); @@ -500,6 +500,7 @@ sshpam_free_ctx }; +#ifndef DISABLE_PRIVSEP KbdintDevice mm_sshpam_device = { "pam", mm_sshpam_init_ctx, @@ -507,6 +508,7 @@ mm_sshpam_respond, mm_sshpam_free_ctx }; +#endif /* DISABLE_PRIVSEP */ /* * This replaces auth-pam.c @@ -673,8 +675,10 @@ pam_conv.conv = pam_chauthtok_conv; pam_conv.appdata_ptr = NULL; +#ifndef DISABLE_PRIVSEP if (use_privsep) fatal("Password expired (unable to change with privsep)"); +#endif /* DISABLE_PRI...