How to set up PAM to work with sshd in current
by StalocX from LinuxQuestions.org on (#57FS9)
I've successfully installed current on VPS, however I can't setup sshd to work with PAM. Default configuration of both sshd_config and pam.d/sshd lead to error
Code:sshd[2776]: error: PAM: Authentication failure for user from *.*.*.*
sshd[2780]: error: PAM: Authentication failure for root from *.*.*.*I haven't add ssh pub key yet because can't login even with password. Every time I enter 1000% correct password for root/user I get nothing for 3 times and then for 3 times "Permission denied".
From client:
Code:debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 1
Received disconnect from *.*.*.* port 22:2: Too many authentication failures
Disconnected from *.*.*.* port 22If I set UsePAM to no and try to login, then in server logs I see nothing. In client logs
Code:Permission denied, please try again.As I said before both root and user password are 1000% correct.
pam.d/sshd content:
Code:auth include system-auth
auth include postlogin
account required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
session include postlogin
session required pam_loginuid.so
Code:sshd[2776]: error: PAM: Authentication failure for user from *.*.*.*
sshd[2780]: error: PAM: Authentication failure for root from *.*.*.*I haven't add ssh pub key yet because can't login even with password. Every time I enter 1000% correct password for root/user I get nothing for 3 times and then for 3 times "Permission denied".
From client:
Code:debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: send packet: type 61
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
root@*.*.*.*'s password:
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 1
Received disconnect from *.*.*.* port 22:2: Too many authentication failures
Disconnected from *.*.*.* port 22If I set UsePAM to no and try to login, then in server logs I see nothing. In client logs
Code:Permission denied, please try again.As I said before both root and user password are 1000% correct.
pam.d/sshd content:
Code:auth include system-auth
auth include postlogin
account required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
session include postlogin
session required pam_loginuid.so