From owner-freebsd-security Sat Jul 8 9: 4:37 2000 Delivered-To: freebsd-security@freebsd.org Received: from w2xo.pgh.pa.us (ipl-229-037.npt-sdsl.stargate.net [208.223.229.37]) by hub.freebsd.org (Postfix) with ESMTP id 671EA37B7CD for ; Sat, 8 Jul 2000 09:04:28 -0700 (PDT) (envelope-from durham@w2xo.pgh.pa.us) Received: from w2xo.pgh.pa.us (shazam.w2xo.pgh.pa.us [192.168.5.3]) by w2xo.pgh.pa.us (8.9.3/8.9.3) with ESMTP id QAA52568 for ; Sat, 8 Jul 2000 16:04:26 GMT (envelope-from durham@w2xo.pgh.pa.us) Message-ID: <39675126.D3CDCEAE@w2xo.pgh.pa.us> Date: Sat, 08 Jul 2000 12:04:54 -0400 From: Jim Durham Organization: dis- X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.4-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: openssh and PAM Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Since this applies to a system in another galaxy far far away, I'll ask this here! I was building openssh-2.1.1p2 with openssl-0.95a on a 3.3-RELEASE box. (Yes, I know it's upgrade time, but it's a production system and I'm replacing it soon). The sshd daemon would not authenticate using the PAM stuff. I *did* install the stuff from the contrib directory in the openssh sources in /etc/pam.conf. It was suggested by a posting elsewhere that it would work by configging it with --without-pam. You then get a link error, which you can fix with -lcrypt in the Makefile. What sort of security compromise have I caused here? Thanks... -- Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message