[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] RaQ3 OpenSSH_3.4p1 password

Subject: RE: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
From: "Matthew Nuzum" <cobalt@xxxxxxxxxxxxx>
Date: Mon, 1 Jul 2002 10:50:40 -0400
Organization: Bearfruit.org
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Gerald, you may want to check your /etc/pam.d/sshd file.  One of my Raqs
that is working says the following:
#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nodelay
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok
use_authtok
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so

Matthew Nuzum
www.bearfruit.org
cobalt@xxxxxxxxxxxxx


> -----Original Message-----
> From: cobalt-security-admin@xxxxxxxxxxxxxxx [mailto:cobalt-security-
> admin@xxxxxxxxxxxxxxx] On Behalf Of Gerald Waugh
> Sent: Monday, July 01, 2002 10:34 AM
> To: cobalt-security@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
> 
> On Monday 01 July 2002 08:45 am, Jonathan Michaelson wrote:
> > Did you compile this one yourself rather than using one of the
packages?
> > Just wondering if you might have missed --with-pam off of the
configure.
>    It was a pkg
> > sshd -d -D
> debug1: sshd version OpenSSH_3.4p1
> debug1: read PEM private key done: type RSA
> debug1: private host key: #0 type 1 RSA
> debug1: read PEM private key done: type DSA
> debug1: private host key: #1 type 2 DSA
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug1: Server will not fork when running in debugging mode.
> Connection from 192.168.1.16 port 34162
> debug1: Client protocol version 2.0; client software version
OpenSSH_3.1p1
> debug1: match: OpenSSH_3.1p1 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.4p1
> debug1: list_hostkey_types: ssh-rsa,ssh-dss
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
> debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
> debug1: dh_gen_key: priv key bits set: 116/256
> debug1: bits set: 1609/3191
> debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
> debug1: bits set: 1588/3191
> debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: KEX done
> debug1: userauth-request for user admin service ssh-connection method
none
> debug1: attempt 0 failures 0
> debug1: Starting up PAM with username "admin"
> Could not reverse map address 192.168.1.16.
> debug1: PAM setting rhost to "192.168.1.16"
> Failed none for admin from 192.168.1.16 port 34162 ssh2
> Failed none for admin from 192.168.1.16 port 34162 ssh2
> debug1: userauth-request for user admin service ssh-connection method
> keyboard-interactive
> debug1: attempt 1 failures 1
> debug1: keyboard-interactive devs
> debug1: auth2_challenge: user=admin devs=
> debug1: kbdint_alloc: devices ''
> Failed keyboard-interactive for admin from 192.168.1.16 port 34162
ssh2
> debug1: userauth-request for user admin service ssh-connection method
> password
> debug1: attempt 2 failures 2
> debug1: PAM Password authentication for "admin" failed[7]:
Authentication
> failure
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> debug1: userauth-request for user admin service ssh-connection method
> password
> debug1: attempt 3 failures 3
> debug1: PAM Password authentication for "admin" failed[7]:
Authentication
> failure
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> debug1: userauth-request for user admin service ssh-connection method
> password
> debug1: attempt 4 failures 4
> debug1: PAM Password authentication for "admin" failed[7]:
Authentication
> failure
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> Failed password for admin from 192.168.1.16 port 34162 ssh2
> Connection closed by 192.168.1.16
> debug1: Calling cleanup 0x806ef10(0x0)
> debug1: Calling cleanup 0x80540f0(0x0)
> debug1: Calling cleanup 0x806ef10(0x0)
> 
> Sure looks lime PAM, but it was installed from pkg
> 
> --
> Gerald Waugh
> http://frontstreetnetworks.com  SOHO Networks & Web Site Hosting
> Front Street Networks LLC     voice +1 203 785 0699 * fax +1 203 785
1787
> 229 Front Street, Ste. #C, New Haven CT 06513-3203
> 
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security

Follow-Ups:
- Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
  - From: Gerald Waugh

References:
- Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
Next by Date: Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
Previous by thread: Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password
Next by thread: Re: [cobalt-security] RaQ3 OpenSSH_3.4p1 password

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index