Hi list.
I have the weirdest problem - my system is set to allow login to accounts
defined in MySQL using pam_mysql. normally I don't have any problems loging
in using either ssh,ftp,imap,pop3 or smtp (the services I have mysqlized).
But I've just now noticed that I cannot login to one of the mysql stored
accounts using Putty from windows. login to one of the standard shadow
accounts is successful, but while I can use openssh to login to a mysql
stored account, same login cannot be used from Putty.
This is what I get in the logs when Putty tries to log on:
----
Jun 16 15:08:50 gilgamesh sshd[18591]: error: Could not get shadow information
for geek
Jun 16 15:08:50 gilgamesh sshd[18591]: Failed password for geek from
62.90.49.69 port 3770
----
And this is an openssh login
----
Jun 16 15:07:36 gilgamesh sshd(pam_unix)[18104]: check pass; user unknown
Jun 16 15:07:36 gilgamesh sshd(pam_unix)[18104]: authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=xx.xx.xx.xx
Jun 16 15:07:36 gilgamesh sshd[18104]: pam_sm_authenticate called.
Jun 16 15:07:36 gilgamesh sshd[18104]: dbuser changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: dbpasswd changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: database changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: table changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: usercolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: crypt changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: where changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: logtable changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: logmsgcolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: logpidcolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: logusercolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: loghostcolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: logtimecolumn changed.
Jun 16 15:07:36 gilgamesh sshd[18104]: db_connect called.
Jun 16 15:07:36 gilgamesh sshd[18104]: returning 0 .
Jun 16 15:07:36 gilgamesh sshd[18104]: db_checkpasswd called.
Jun 16 15:07:36 gilgamesh sshd[18104]: pam_mysql: where clause = shell=1
Jun 16 15:07:36 gilgamesh sshd[18104]: SELECT Password FROM users WHERE
login='geek' AND (shell=1)
Jun 16 15:07:36 gilgamesh sshd[18104]: sqlLog called.
Jun 16 15:07:36 gilgamesh sshd[18104]: insert into authlogs (message, user,
host, shell, time) values('AUTH SUCCESSFUL', 'geek', '', '18104', NOW())
Jun 16 15:07:36 gilgamesh sshd[18104]: Returning 0
Jun 16 15:07:36 gilgamesh sshd[18104]: returning 0 .
Jun 16 15:07:36 gilgamesh sshd[18104]: returning 0.
Jun 16 15:07:36 gilgamesh sshd[18102]: Accepted keyboard-interactive/pam for
geek from xx.xx.xx.xx port 39609 ssh2
Jun 16 15:07:36 gilgamesh sshd(pam_unix)[18113]: session opened for user geek
by (uid=0)
----
I think that for putty, pam does not call pam_mysql at all, but I can't figure
out why. this is my pam.d/sshd file:
-----
#%PAM-1.0
auth sufficient pam_stack.so service=system-auth
auth sufficient pam_mysql.so user=pam passwd=xxxxxx db=xxxxxxx
table=users usercolumn=login crypt=2 where=shell=1 logtable=authlogs
logmsgcolumn=message logpidcolumn=shell logusercolumn=user loghostcolumn=host
logtimecolumn=time
auth required pam_nologin.so
account sufficient pam_stack.so service=system-auth
account sufficient pam_mysql.so user=pam passwd=xxxxxx db=xxxxxx
table=users usercolumn=login crypt=2 where=shell=1 logtable=authlogs
logmsgcolumn=message logpidcolumn=shell logusercolumn=user loghostcolumn=host
logtimecolumn=time
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
-----
I would appreciate if anyone can offer any pointer as to why this doesn't work
--
Oded
::..
9. I got these instructions off the net. I'm going to follow them exactly.
Let's see if they work.
--Top 100 things you don't want the sysadmin to say
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
