Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 101183
Summary: | openssh-server-3.1p1-8 and krb5 pam module do not work together.. prevent logins | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Pat Hennessy <path> |
Component: | openssh | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | CC: | hooft, lcole, m.a.young, m.keir, xenophon |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-09-25 09:54:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Pat Hennessy
2003-07-29 21:01:30 UTC
We were also able to reproduce the problem with a RedHat 9 server. Found someone else has submited the same problem under a different bug report. See #101361 I have been looking at the problem for our systems, and on 7.3 at least the server segfaults if kerberos authentication is enabled, though gdb suggests the crash is in the libkrb5 code - so the failure could be related to things not being initialized when libkrb5 expects them to be in the extra call of pam. Found someone else has submited the same problem under a different bug report. See #101799 I investigated this problem somewhat, and it looks like a problem originating in the openssh-<version>-pam-timing.patch, at least if I leave this patch out, everything seems to work. I've made tracebacks for 3.1p1 as well as for 3.6p2 (on 7.3 and 9 respectively), which I can make available if you like. (BTW, we're authenticating against a Windows KDC.) Try the new openssh security fix package, I think this bug might be fixed as well. We concur, new build seems to fix this problem as well. OK, seems events caught up with me. I can confirm this problem has been fixed in the new packages. *** Bug 101799 has been marked as a duplicate of this bug. *** *** Bug 101361 has been marked as a duplicate of this bug. *** |