On Tue, 2007-06-05 at 07:54 +1000, Darren Tucker wrote:
Dallas Clement wrote:
'm getting this error when I try to start my cross-compiled OpenSSH sshd
daemon for the first time with privilege separation enabled.
[...]
sshd uses getpwnam() to look up the privsep user, so if that doesn't
work (eg if your nsswitch.conf or equivalent is broken) then you can get
that error regardless of what's in /etc/passwd.
You were sure right! I didn't have any /etc/nsswitch.conf defined at
all, neither did I have any /lib/lib_nss* files either...
Once I added those and also added the following line in my /etc/fstab,
the sshd daemon started to recognize the priv sep user.
However, my ssh login attempts from a remote machine are still failing
for some reason. I know that the user is valid and the password is
valid since I can login locally.
Here is my sshd output:
debug1: userauth-request for user dallas service ssh-connection method
none
debug1: attempt 0 failures 0
Failed none for dallas from 172.16.1.33 port 58494 ssh2
debug1: userath-request for user dallas service ssh-conection method
password
debug1: attempt 1 failure 1
Failed password for dallas from 172.16.1.33
Can you think of anything else I might be doing wrong for the password
authentication to fail?
This is how I configured the OpenSSH build:
./configure --sysconfdir=/etc/ssh --with-zlib=/home/dallas/zlib_install
--with-ssl-dir=/home/dallas/openssl_install
--host=i686-unknown-linux-gnu --with-privsep-user=sshd --with-shadow
--with-md5-passwords CC=i686-unknown-linux-gnu-gcc
Should I not be specifying md5 password?
Thanks a ton for the help!
