Bug 728

Summary: SSH broken when UsePAM turned on
Product: Portable OpenSSH Reporter: Mark McCullough <mm1329>
Component: PAM supportAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED DUPLICATE    
Severity: major    
Priority: P2    
Version: -current   
Hardware: UltraSPARC   
OS: Solaris   

Description Mark McCullough 2003-10-04 02:47:48 AEST 
My systems require a PAM module that does a one time password authentication. 
The module we use is based on the freeradius code that is used on some linux
systems.  (We do not use it in challenge-response format.)  When UsePrivSep is
turned on, the connection is closed post authentication with:

pam_open_session(): Can not make/remove entry for session

logged as a critical auth error.

When PrivSep is disabled, basic login appears to work, but the error is still
logged.  scp is broken regardless for these systems.

What makes it strange is some Solaris 8 boxes do not exhibit this behavior while
others do.  I have been unable to trace down anything that would explain the
difference in behavior.
Comment 1 Darren Tucker 2003-10-04 11:59:03 AEST 
Check your OS patches.  ISTR that this behaviour is caused by certain Solaris
patches.
Comment 2 Darren Tucker 2003-10-07 17:28:36 AEST 
Does the patch in bug #703 make any difference?
Comment 3 Mark McCullough 2003-10-07 22:13:38 AEST 
Sun patch 111659-07 appears to have solved the problem.  (Took a couple days to 
ensure that the patch did in fact fix the issue.)
Comment 4 Darren Tucker 2003-10-07 22:25:03 AEST 
Looks like a dupe of bug #703 then. 

*** This bug has been marked as a duplicate of 703 ***
Comment 5 Damien Miller 2004-04-14 12:24:19 AEST 
Mass change of RESOLVED bugs to CLOSED