The 3.7 versions of Openssh will refuse to authenticate via password (didn't try keys) for the ssh.com and Putty clients IF the server is using ldap authentication. Authentication isn't a problem if the openssh client is used (even under cygwin), or if any windows client is used to connect to an openssh server using passwd/shadow auth.
Created attachment 417 [details] DEBUG3 Output Output logged on affected server...
From the sshd_config man page: UsePAM Enables PAM authentication (via challenge-response) and session set up. If you enable this, you should probably disable PasswordAuthentication. If you enable then you will not be able to run sshd as a non-root user. What happens if you disable PasswordAuthentication and use keyboard-interactive on the clients?
This bug caught my eye because I'm a big supporter of LDAP authentication. If I set PasswordAuthentication=No in sshd_config then PuTTY doesn't login regardless of the UsePAM setting. I tried using both an LDAP-served user and a /etc/passwd|shadow user with UsePAM=yes and UsePAM=no and as long as PasswordAuthentication=No then PuTTY won't log in. Could this be an error with PuTTY? Just for fun I tried F-Secure's SSH client (for OpenVMS) and everything worked fine with PasswordAuthentication=No and UsePAM=yes and F-Secure verbosely prints it's using keyboard-interactive. Interestingly though UsePAM=no and PasswordAuthentcation=no breaks F-Secure.
Matthew: no reply = closed bug. Jason: make sure PuTTY is using SSHv2 (many versions default to SSHv1 if the server supports both) or if using SSHv1 that you have "TIS/Cryptocard" auth enabled (which is disabled by default).
Mass change of RESOLVED bugs to CLOSED