Date: Sun, 6 Feb 2005 14:29:42 -0800 From: Andrew Konstantinov <andrei@kableu.com> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-stable@freebsd.org Subject: Re: 5.3 -> 5 : sshd multiple log entries & login_getclass: unknown class 'root' Message-ID: <20050206222942.GC63042@warrior.kableu.com> In-Reply-To: <20050206222203.GA63042@warrior.kableu.com> References: <20050130084359.GA36069@warrior.kableu.com> <20050202070820.GA26302@warrior.kableu.com> <20050206061245.GA1774@warrior.kableu.com> <20050206090524.GA79029@warrior.kableu.com> <20050206205207.GA764@warrior.kableu.com> <Pine.BSF.4.53.0502062055360.845@e0-0.zab2.int.zabbadoz.net> <20050206222203.GA63042@warrior.kableu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--DrWhICOqskFTAXiy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 06, 2005 at 02:22:03PM -0800, Andrew Konstantinov wrote: > On Sun, Feb 06, 2005 at 09:07:38PM +0000, Bjoern A. Zeeb wrote: > > On Sun, 6 Feb 2005, Andrew Konstantinov wrote: > >=20 > > > On Sun, Feb 06, 2005 at 12:29:23PM -0800, Doug White wrote: > > > > On Sun, 6 Feb 2005, Andrew Konstantinov wrote: > > > > > > > > > *Possible* exact reproduction steps: > > > > > - install RELENG_5 > > > > > - rebuild RELENG_5 with "NO_NIS=3Dtrue" in /etc/make.conf > > > > > - restart sshd service > > > > > > > > Sorry, no dice. I had to set "PermitRootLogin yes" in > > > > /etc/ssh/sshd_config but logging in as root with password succeeds = with no > > > > login class warning. Upgraded from a RELENG_5 from yesterday to one= about > > > > 90 minutes old. > > > > > > > > What is the contents of /etc/nsswitch.conf? bz is telling me that i= f you > > > > still have 'nis' in the lines in nsswitch and you compile with NO_N= IS that > > > > you'll get wierd user lookup errors. > > > > > > > > Also what are the contents of /etc/make.conf? > > > > > > #--- The nsswitch.conf: > > > group: compat > > > group_compat: nis > > > hosts: files dns > > > networks: files > > > passwd: compat > > > passwd_compat: nis > > > shells: files > > > #---------------------- > > > > > > Hmm, I completely forgot about that one. :( I guess 'nis' should have= been > > > switched to 'files' whenever system is compiled with "NO_NIS=3Dtrue". > >=20 > > it's not documented - sorry, will do that. > >=20 > > change it to sth like: > >=20 > > group: files > > hosts: files dns > > networks: files > > passwd: files > > shells: files > >=20 > > w/o this change I can see sth like this when doing passwd auth: > >=20 > > 'sshd[1995]: NSSWITCH(nss_method_lookup): nis, passwd_compat, endpwent,= not found' > >=20 > > But I suspect this will not help with your problem. >=20 > Actually, that solves all the problems. Once I switched to your version of > nsswitch.conf, all the "unknown class" bugs and multiple logging events h= ave > disappeared. I don't know if that matters but my /etc/ssh/sshd_config contains: PasswordAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no UsePAM no Andrew --DrWhICOqskFTAXiy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBppWg+6MtxSjexcRArcdAJ9stXByk0CT6uq3uyEPo9bkSvfeTACfc4ko DbHMBSX1Z9MtVZ1H1e33V00= =so6G -----END PGP SIGNATURE----- --DrWhICOqskFTAXiy--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050206222942.GC63042>