[REDHAT] Re: OpenSSH bug workaround *NOT NEEDED* (fwd)

Anthony J. Gabrielson agabriel at home.tzo.org
Thu Jun 27 09:20:22 EDT 2002 

I don't have a /home/sshd dir - 

Tell me about your /var/empty dir - what are the permissions?

Anthony

On Thu, 27 Jun 2002, John Chambers wrote:

> Brian J. Conway wrote:
> | > Another reason you might want to wait:  I tried installing 3.3 on  my
> | > home  machine.   I  can now ssh out, but incoming connections all get
> | > "Permission denied" after I type the password, and  /var/log/messages
> | > gets a "Failed password for jc from 64.28.81.46 port 46127 ssh2" type
> | > message.  This fails the same way for all the outside machines that I
> | > have accounts on.  So far, I haven't found any clues about how to get
> | > it to work again.  I hope I don't have to enable telnet and ftp ...
> |
> | Did you set up privilege separation correctly?  It's now enabled by
> | default and requires setting up an sshd user (instructions are in
> | README.privsep).  Just a shot in the dark.
> 
> Of course, I'm assuming that I did  something  wrong.   The
> problem is discovering what.  I did discover the sshd user,
> and I think I followed the instructions.  Maybe  it's  time
> for some more sanity checking ...
> 
> One curiosity is that, which the sshd user and group exist,
> I  don't seem to see ~sshd, i.e., /home/sshd/.  I wonder if
> that could be a problem.  Usually you get a "no  directory"
> message in such cases, not "Failed password" or "Permission
> denied", but I suppose that could be screwed up.  I'll  try
> wiping  out the sshd user and group, repeat the commands in
> README.privsep, and see what happens ...
> 
> Well, that did change things. Now I don't even get prompted
> for a password.  The ssh command instandly says "Connection
> closed" and /var/log/messages says:
> 
> Jun 27 09:10:06 kendy sshd[2328]: fatal: mmap(65536): Invalid argument
> 
> Since this has to do with  UsePrivilegeSeparation,  I  went
> into  sshd_config  and turned that off.  Now instead of the
> mmap invalid argument message,  I'm  back  to  the  earlier
> failure.   The  ssh command gets "Permission denied, please
> try again", and /var/log/messages has  a  "Failed  password
> for jc from ..." message.
> 
> I wonder where I might find some more clues?
> 
> I think I might start warning people that installing  3.3p1
> might mean that you've disabled all logins ...
> 
> 
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
>

More information about the Discuss mailing list