From owner-freebsd-questions@FreeBSD.ORG Sun May 31 14:44:52 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 34653106566C for ; Sun, 31 May 2009 14:44:52 +0000 (UTC) (envelope-from sajozsattila@citromail.hu) Received: from server14.citromail.hu (server14.citromail.hu [91.83.45.14]) by mx1.freebsd.org (Postfix) with ESMTP id 94C2A8FC0C for ; Sun, 31 May 2009 14:44:50 +0000 (UTC) (envelope-from sajozsattila@citromail.hu) Received: (qmail 18840 invoked by uid 89); 31 May 2009 14:18:09 -0000 Message-ID: <20090531141809.18839.qmail@server14.citromail.hu> To: Received: from 54034CF1.catv.pool.telekom.hu [84.3.76.241] by with HTTP; Sun, 31 May 2009 16:18:09 +0200 From: "=?ISO-8859-2?Q?Saj=F3_Zsolt_Attila?=" Date: Sun, 31 May 2009 16:18:09 +0200 Errors-To: X-Priority: 3 X-Mailer: VIPmail v.2.6 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable Subject: sshd + pam_pgsql X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 May 2009 14:44:52 -0000 Hi! I would like use the sshd with pam_pgsql module. But it isn't work, and I c= an't configure the pam debug too. So my two question: How can I use the pam debug? How do I use the sshd with pam-pgsql? OS: FreeBSD 7.2 My /etc/pamd./sshd: auth=09=09required=09pam_unix.so=09=09no_warn try_first_pass auth=09=09sufficient=09pam_pgsql.so config_file=3D/etc/ssh/ssh-pam_pgsql.co= nf account=09=09required=09pam_unix.so account =09requisite=09pam_pgsql.so config_file=3D/etc/ssh/ssh-pam_pgsql.co= nf password=09required=09pam_unix.so=09=09no_warn try_first_pass password=09sufficient=09pam_pgsql.so config_file=3D/etc/ssh/ssh-pam_pgsql.c= onf session =09sufficient=09pam_pgsql.so config_file=3D/etc/ssh/ssh-pam_pgsql.c= onf My /etc/ssh/ssh-pam_pgsql.conf: debug pw_type =3D md5 connect =3D dbname=3Dsshuser user=3Dattila password=3Dxxxxx auth_query =3D select password from felhasznalok where user_name =3D %u acct_query =3D select password from felhasznalok where user_name =3D %u pwd_query =3D update account set password =3D %p where user_name =3D %u psql -U attila -c "SELECT * FROM felhasznalok" sshuser":<code> user_name | password | uid | gid | login_class | password_change_time | a= ccount_expiry_time | user_full_name | home_directory | user_shell=20 -----------+----------+------+------+-------------+----------------------+-= --------------------+----------------+-----------------+------------ sftpuser2 | sara | 2001 | 2001 | hungarian | | = | sftp user | /home/.sftpuser | /bin/sh</code&g= t; My /etc/ssh/sshd_conf: [..] UsePAM yes PasswordAuthentication yes PermitEmptyPasswords yes PermitRootLogin without-password [..] ssh -v -l sshuser2 luk1814.no-ip.org: OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to luk1814.no-ip.org [84.3.76.241] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 = FreeBSD-20080901 debug1: match: OpenSSH_5.1p1 FreeBSD-20080901 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'luk1814.no-ip.org' is known and matches the DSA host key. debug1: Found key in /root/.ssh/known_hosts:6 debug1: ssh_dss_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Trying private key: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive debug1: Next authentication method: password debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive Permission denied, please try again. debug1: Authentications that can continue: publickey,password,keyboard-inte= ractive Permission denied, please try again. Received disconnect from 84.3.76.241: 2: Too many authentication failures f= or sftpuser3