[OpenAFS] Solaris 9 official sshd patch breaks pam_afs functioning
Jeff Blaine
jblaine@kickflop.net
Tue, 12 Sep 2006 00:07:57 -0400
Has anyone solved this? :( I'm using OpenAFS 1.4.1.
Patch 113273-11 (sshd SPARC) has killed off token-getting via
pam_afs.so.1
I'm syslogging *.debug to /var/adm/debug.log and all I get is
the following (even with 'debug' as an option to pam_afs.so.1)
Sep 12 00:11:12 noodle.domain.com sshd[444]: [ID 800047 auth.info]
Accepted keyboard-interactive for jblaine from 192.168.168.2 port 3995 ssh2
---------------------------------------------------------------------
login as: jblaine
Using keyboard-interactive authentication.
Password:
Last login: Mon Sep 11 23:45:06 2006 from 192.168.168.2
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
jblaine > tokens
Tokens held by the Cache Manager:
--End of list--
jblaine >
---------------------------------------------------------------------
Running 'sshd -d' shows:
...
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 199/384
debug1: bits set: 1565/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1617/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user jblaine service ssh-connection method none
debug1: attempt 0 initial attempt 0 failures 0 initial failures 0
Failed none for jblaine from 192.168.168.2 port 3961 ssh2
debug1: userauth-request for user jblaine service ssh-connection method
keyboard-interactive
debug1: attempt 1 initial attempt 0 failures 1 initial failures 0
debug1: keyboard-interactive devs
debug1: got 1 responses
debug1: PAM conv function returns PAM_SUCCESS
Accepted keyboard-interactive for jblaine from 192.168.168.2 port 3961 ssh2
debug1: permanently_set_uid: 26560/10
debug1: Entering interactive session for SSH2.
...