From owner-freebsd-security Thu Aug 2 8:34: 4 2001 Delivered-To: freebsd-security@freebsd.org Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by hub.freebsd.org (Postfix) with ESMTP id 181A537B401 for ; Thu, 2 Aug 2001 08:34:02 -0700 (PDT) (envelope-from rjh@mohawk.net) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id f72FY7x92709; Thu, 2 Aug 2001 11:34:07 -0400 (EDT) Date: Thu, 2 Aug 2001 11:34:07 -0400 (EDT) From: Ralph Huntington To: Peter Pentchev Cc: Subject: Re: pam session failing In-Reply-To: <20010802173939.B989@ringworld.oblivion.bg> Message-ID: <20010802112641.T89488-100000@mohegan.mohawk.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > Did you at some time update to a newer version of -stable or -current? No... > > More to the point: What is the output of 'fgrep ssh /etc/pam.conf' ? This proved interesting. All the sshd entries were missing from pam.conf. I cannot imagine how the heck that happened since the system (4.2) had not been upgraded since it was installed (telnet was disabled from the start) and ssh always worked fine. > Or it might be something else: does your /etc/master.passwd file list > passwords in DES or MD5 format? Most are now MD5, but a few older ones are DES. When this system was reloaded with 4.2 (had been 3.x), the existing accounts were carried over with the DES passwords in place. That has not presented any problem to us. No, the sshd problem turned out to be the missing entries in pam.conf. Where they went, I do not know. Ralph To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message