From owner-freebsd-questions Wed Jun 28 9:39:15 2000 Delivered-To: freebsd-questions@freebsd.org Received: from state.net (dorthy.state.net [204.75.238.244]) by hub.freebsd.org (Postfix) with ESMTP id DDD2E37B556 for ; Wed, 28 Jun 2000 09:39:04 -0700 (PDT) (envelope-from jon@state.net) Received: from state.net (redoak.state.net [204.75.238.247]) by state.net (8.8.8/8.7.2) with ESMTP id LAA03324 for ; Wed, 28 Jun 2000 11:40:30 -0500 (CDT) Message-ID: <395A2A26.972227DE@state.net> Date: Wed, 28 Jun 2000 11:39:02 -0500 From: Jon X-Mailer: Mozilla 4.73 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-questions@FreeBSD.ORG Subject: Re: OpenSSH 3.4-R: Can't log in from remote ssh client References: <39593C7C.9B06B019@state.net> <05f101bfe0d5$c5acb830$0201010a@craigc> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thanks all for the info. I did run the daemon in debug mode, and noticed it was trying to use PAM, which I know I haven't configured. I've never used PAM, so off to the mail archives and man pages. Thanks for the lead, Craig, this definetely seems to be the problem. Jon Craig Critchley wrote: > > From: "Jon" > > I've d/l'd openssh-2.1.1p1 from ftp.openbsd.org today, and was trying to > > install it on the system described above. I need ssh2 compatibility, > > ... > > > from a remote client that is running all the same versions of programs > > above (on a Solaris 7.7 box), I get a login prompt, but if I try logging > > in using my user account or root, I get denied... > > > > root@jenny's password: > > Permission denied, please try again. > > > > If I ssh from the FreeBSD box to the Solaris box, everything works. It > > seems that the FreeBSD box isn't processing the password or the login > > correctly. Can anyone offer me some advise or help on this? > > > > I had the same problem installing openssh on a 3.2-release machine. > > First, look at /var/log/messages to see if sshd is complaining about > anything. One thing to check is that openssh on freebsd defaults to using > pam ("pluggable authentication modules") so you need to make sure you add > the sshd entries in pam.conf (or /etc/pam.d/sshd depending on how you want > to organize things). This is in openssh's INSTALL file so you may have > already done that, however, INSTALL doesn't mention there's a sample file in > contrib/sshd.pam.freebsd (in the openssh sources). > > Or, you can build openssh without pam support with a configure > switch, --without-pam. > > In my case, I also had a problem with the required PAM module, pam_unix.so, > because the crypt() function was undefined. I tried rebuilding without pam, > but got a link error on crypt(). I then added -lcrypt (to get libcrypt.a > linked into sshd) to the makefile, still building --without-pam. This seems > to have fixed the problem; at least, sshd is working and I can log in > remotely. > > I am not a freebsd development expert, and definitely not an openssh/openssl > expert, and i suspect what i did was wrong (it certainly seems like a hack). > if what I described rings any bells with any experts, I'd like to know what > I should have really done. at the very least, I'd like to know that I > haven't just opened a gaping hole on the machine... > > As for installing from the ports collection, I'm afraid I broke the ports > tree on this machine and have been too lazy to fix it, especially as the fix > is probably to just upgrade to the latest rev... so far openssh is the only > software I've had any trouble with installing manually... > > ...Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message