SSH security question
Guilderson, Tom W.
TWGuilderson at cvs.com
Tue Mar 27 13:06:46 EST 2001
The next to last line is showing a PAM error. Are you using PAM for
authentication? If so, are you using openssh or fsecure? I know with
OpensSSH, you need to run configure with the following option "--with-pam",
I also use "--with-ipv4-default". You also need to put the appropriate sshd
configuration file for PAM in the pam directory (/etc/pam.d on RH systems).
If you have RH based system, just copy the pam config file from the
contrib/redhat directory. (I just installed on 2 systems here at work
yesterday so it is fresh in my mind.)
Not positive if that is the problem, but the errors are showing failed rsa,
and failed password, that combined with the PAM error made me think it may
be a PAM configuration issue.
>
> Mar 27 11:55:42 kendy sshd[3627]: Received signal 15; terminating.
> Mar 27 11:56:20 kendy sshd[4323]: Server listening on 0.0.0.0 port 22.
> Mar 27 11:56:20 kendy sshd[4323]: Generating 768 bit RSA key.
> Mar 27 11:56:20 kendy sshd[4323]: RSA key generation complete.
> Mar 27 11:56:38 kendy sshd[4329]: Connection from 18.62.1.54 port 1002
> Mar 27 11:56:38 kendy sshd[4329]: Failed rsa for jc from
> 18.62.1.54 port 1002
> Mar 27 11:56:46 kendy sshd[4329]: Failed password for jc from
> 18.62.1.54 port 1002
> Mar 27 11:56:58 kendy last message repeated 2 times
> Mar 27 11:56:58 kendy sshd[4329]: Connection closed by 18.62.1.54
> Mar 27 11:56:58 kendy sshd[4329]: Cannot close PAM
> session[4]: System error
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Tom Guilderson (E-mail).vcf
Type: application/octet-stream
Size: 381 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20010327/69fbd906/attachment.obj>
More information about the Discuss
mailing list