HPE Community
Operating System - HP-UX
1833981 Members
2086 Online
110063 Solutions
New Discussion

Re: Need PAM modules for Openssh to work...

 
Adrian Pillai_1
Occasional Advisor

‎07-17-2003 02:14 AM

‎07-17-2003 02:14 AM

Need PAM modules for Openssh to work...

Hi Guys,
I'm running HPUX 11.00, and using latest version of OpenSSH.
When I try to ssh in, I get "PAM session setup failed[33]: General Commercial Security error "
I already set UsePrivilegeSeparation no
In /usr/lib/security I only have libpam_unix.1 and libpam_updbe.1, and I think that is the issue.
Most postings I read point to the need for a pam_unix.so.
Am I on the right track?
If so, where do I get a pam_unix.so binary?
0 Kudos
Reply
4 REPLIES 4
Ollie R
Respected Contributor

‎07-17-2003 02:21 AM

‎07-17-2003 02:21 AM

Re: Need PAM modules for Openssh to work...

Hi,

See if the "syslog.log" on either end of the connection gives you any more clues.

Also, try running "ssh" with the "-v" option.

Check the permissions of your ".ssh" directory and files in there (directory should be 600 mode and owned by the user; files should be 400 mode and, again, owned by the user).

Also check the permissions of your "sshd_config", "ssh_config", "ssh_known_hosts" and other config files, make sure the security is tight enough (no more than 644).

Ollie.
To err is human but to not award points is unforgivable
0 Kudos
Reply
Adrian Pillai_1
Occasional Advisor

‎07-18-2003 10:40 PM

‎07-18-2003 10:40 PM

Re: Need PAM modules for Openssh to work...

Thx, I've already tried all those options, but from looking at the syslogs on the destination server, it seems to point to PAM as the problem.....
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎07-19-2003 07:43 AM

‎07-19-2003 07:43 AM

Re: Need PAM modules for Openssh to work...

Hi,

It's a PAM problem but not on the HP's side. You will need to patch openssh code to handle PAM. Do not touch anything in the pam.conf on the server side.

Look at my following posting and the patch. It should take care of your issue.

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xcd3deea29889d611abdb0090277a778c,00.html

If you have a choice, install HP's version of ssh. You do not need to worry about these headaches.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Adrian Pillai_1
Occasional Advisor

‎07-20-2003 11:15 PM

‎07-20-2003 11:15 PM

Re: Need PAM modules for Openssh to work...

Sridhar,
Thx, that was it.

If you can provide some clear text explanation as to what the issue and solution was, I will really appreciate it.

Adrian
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.