Date: Thu, 20 Oct 2005 11:48:21 +0200 From: Olaf Greve <o.greve@axis.nl> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: Weird SSH problem... Any ideas?!? Message-ID: <435767E5.7020002@axis.nl>
next in thread | raw e-mail | index | archive | help
Hi, Yesterday it has been brought to my attention that SSH access is not working well on my new server. The background: I have set-up a new server (FreeBSD 5.4-Release AMD/64) and I migrated the user accounts from my old server (FreeBSD 5.2.1-Release i386). Now, I was under the assumption everything was working fine, as I myself have no issues in SSH-ing as unprivileged user to the machine (note: my unprivileged account is featured in the wheel group, which may be of importance!). However, when a regular user who resides in a regular group tries to SSH to the machine, after entering the correct password the connection is immediately dropped, and the following error (note: the below lines contain dummy names and IP addresses) is shown in /var/log/auth.log: Oct 20 11:39:40 milx sshd[48147]: Accepted keyboard-interactive/pam for abcdef from 123.45.67.89 port 35335 ssh2 Oct 20 11:39:40 milx sshd[48150]: fatal: login_get_lastlog: Cannot find account for uid 1234 I have done some Googling on it, and there are quite a few hits when searching for this particular error message. The errors seem to be happening on all sorts of Unixes, yet as my machines are FreeBSD ones, I'm asking here. I have unfortunately not been able to find a solution using Google, but I did find some pointers as to the cause. They are: -This seems to happen when SSH cannot retrieve the last login date and time for a user. Can this somehow implicitly or explicitly be flushed? -This does not happen when "su -" ing to the user's account from the box itself. -This may not happen to users that are allowed to become root (i.e. are in the wheel group). -This error doesn't seem to be particular to one Unix type, or to one specific OpenSSH version. I tried resetting the user's password, and I also tried blasting their homedirectoy away and recreating a fresh one with "pw usermod abcdef -m", but all to no avail. Possibly it would help to add the user account to the wheel group, but I'm reluctant to do so for obvious reasons. Does anyone know how to resolve this? Cheers and tnx in advance! Olafo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435767E5.7020002>