[geeks] So has anyone compiled openssh on HP-UX 11?

Andrew Weiss ajwdsp at cloud9.net
Mon Mar 31 19:39:59 CST 2003 

I went about compiling the thing and succeeded in getting both user and 
root accounts to successfully ssh in and root can sftp in, but normal 
users can not use sftp.  No errors are logged and the login looks the 
same for both... but the normal user gets kicked off immediately after 
password is accepted (not rejected).

I can provide debug info, but as far as I can tell this is what is 
happening during the kicking off:

<see attachment>
-bash-2.05b# /opt/openssh/sbin/sshd -d -D -o UsePrivilegeSeparation=no -o PAMAu
thenticationViaKbdInt=no
debug1: sshd version OpenSSH_3.5p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.0.8 port 49340
debug1: Client protocol version 2.0; client software version OpenSSH_3.5p1 FreeBSD-20021029
debug1: match: OpenSSH_3.5p1 FreeBSD-20021029 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.5p1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 127/256
debug1: bits set: 1600/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1607/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user andreww service ssh-connection method none
debug1: attempt 0 failures 0
debug1: Starting up PAM with username "andreww"
debug1: PAM setting rhost to "192.168.0.8"
Failed none for andreww from 192.168.0.8 port 49340 ssh2
debug1: userauth-request for user andreww service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs 
debug1: auth2_challenge: user=andreww devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for andreww from 192.168.0.8 port 49340 ssh2
debug1: userauth-request for user andreww service ssh-connection method password
debug1: attempt 2 failures 2
debug1: PAM Password authentication accepted for user "andreww"
Accepted password for andreww from 192.168.0.8 port 49340 ssh2
debug1: Entering interactive session for SSH2.
debug1: fd 11 setting O_NONBLOCK
debug1: fd 12 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request subsystem reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req subsystem
subsystem request for sftp
debug1: subsystem: exec() /opt/openssh/libexec/sftp-server
debug1: PAM establishing creds
debug1: fd 15 setting O_NONBLOCK
debug1: fd 14 setting O_NONBLOCK
debug1: Received SIGCHLD.
debug1: channel 0: read<=0 rfd 15 len 0
debug1: channel 0: read failed
debug1: channel 0: close_read
debug1: channel 0: input open -> drain
debug1: channel 0: ibuf empty
debug1: channel 0: send eof
debug1: channel 0: input drain -> closed
debug1: session_by_pid: pid 16638
debug1: session_exit_message: session 0 channel 0 pid 16638
debug1: channel request 0: exit-status
debug1: session_exit_message: release channel 0
debug1: channel 0: write failed
debug1: channel 0: close_write
debug1: channel 0: output open -> closed
debug1: session_close: session 0 pid 16638
debug1: channel 0: send close
debug1: channel 0: rcvd close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: server-session, nchannels 1
Connection closed by 192.168.0.8
Closing connection to 192.168.0.8
debug1: Cannot delete credentials[7]: Permission denied
Ideas?... the SIGCHILD looks suspicious.

Andrew

More information about the geeks mailing list