Date: Wed, 26 Jun 2002 16:09:49 +0400 (MSD) From: Maxim Kozin <madmax@express.ru> To: security@FreeBSD.ORG Subject: Re: openssh-portable and s/key passwords Message-ID: <Pine.BSF.4.05.10206261545280.25413-100000@ds.express.ru> In-Reply-To: <3D19A714.6000408@cerint.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm not sure if it's relevant to FreeBSD but debian advisory > http://www.debian.org/security/2002/dsa-134 > says: > > * keyboard interactive authentication does not work with privilege seperation. > Most noticable for Debian users this breaks PAM modules which need a PAM conversation > function (like the OPIE module). Problem: setup openssh + pam(some self-write module) When I don't create full chroot enviromnet in /usr/local/empty, sshd -d -d -d fail in start_pam. All symbol in my_pam.so must be resolved on privsep step, because copy in chroot all need libs,/etc/pam.conf and /etc/passwd Now I can see, that pam started, make succefuly auth. BUt session disconected with diagnostic: debug3: monitor_read: checking request 24 debug3: mm_send_keystate: Finished sending state monitor_read: unsupported request: 24 debug1: Calling cleanup 0x806d98c(0x0) "Request type 24" is some about tty/pty ? b.r. Kozin Maxim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10206261545280.25413-100000>