Weird SSH problem... Any ideas?!?
Alex Zbyslaw
xfb52 at dial.pipex.com
Thu Oct 20 03:24:10 PDT 2005
Olaf Greve wrote:
> Hi,
>
> Yesterday it was brought to my attention that SSH access is not
> working well on my new server.
>
> The background: I have set up a new server (FreeBSD 5.4-Release
> AMD/64) and I migrated the user accounts from my old server (FreeBSD
> 5.2.1-Release i386).
>
> Now, I was under the assumption everything was working fine, as I
> myself have no issues in SSH-ing as an unprivileged user to the machine
> (note: my unprivileged account is featured in the wheel group, which
> may be of importance!).
>
> However, when a regular user who resides in a regular group tries to
> SSH to the machine, after entering the correct password the connection
> is immediately dropped, and the following error (note: the below lines
> contain dummy names and IP addresses) is shown in /var/log/auth.log:
>
> Oct 20 11:39:40 milx sshd[48147]: Accepted keyboard-interactive/pam
> for abcdef from 123.45.67.89 port 35335 ssh2
> Oct 20 11:39:40 milx sshd[48150]: fatal: login_get_lastlog: Cannot
> find account for uid 1234
>
> I have done some Googling on it, and there are quite a few hits when
> searching for this particular error message. The errors seem to be
> happening on all sorts of Unixes, yet as my machines are FreeBSD ones,
> I'm asking here.
>
> I have unfortunately not been able to find a solution using Google,
> but I did find some pointers as to the cause. They are:
> -This seems to happen when SSH cannot retrieve the last login date and
> time for a user. Can this somehow implicitly or explicitly be flushed?
> -This does not happen when "su -" ing to the user's account from the
> box itself.
> -This may not happen to users that are allowed to become root (i.e.
> are in the wheel group).

If it *is* related to getting last login time then maybe the permissions
on /var/log/wtmp are wrong?

Mine are

352 -rw-r--r-- 1 root wheel - 329428 Oct 20 10:54 /var/log/wtmp

but if other did not have read permission it would fit with the
assumptions and symptoms you mention.

Group wheel is only about su-ing on BSD, though it is often used to give
read/write permissions on files to those privileged users.

--Alex
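
A small check for the hypothesis in the reply above, as an added example that is not part of the original thread: it reports whether a uid resolves to an account and whether the listed files lack the other-read bit. The function names and the temporary stand-in files are assumptions made for illustration; /var/log/wtmp is the path named in the post.

```python
import os
import pwd
import stat
import tempfile

def other_can_read(path):
    """True if the 'other' read bit (the last r in -rw-r--r--) is set."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

def account_for_uid(uid, lookup=pwd.getpwuid):
    """Login name for uid, or None when the lookup finds no account."""
    try:
        return lookup(uid).pw_name
    except KeyError:
        return None

def diagnose(uid, paths, lookup=pwd.getpwuid):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    if account_for_uid(uid, lookup) is None:
        findings.append(f"uid {uid}: no account found")
    for path in paths:
        try:
            if not other_can_read(path):
                mode = stat.filemode(os.stat(path).st_mode)
                findings.append(f"{path}: {mode} lacks other-read")
        except FileNotFoundError:
            findings.append(f"{path}: missing")
    return findings

if __name__ == "__main__":
    # Constructed stand-ins for /var/log/wtmp, so the demo runs anywhere.
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "wtmp.ok"), os.path.join(d, "wtmp.bad")
        for path, mode in ((good, 0o644), (bad, 0o640)):
            open(path, "wb").close()
            os.chmod(path, mode)
        for line in diagnose(os.getuid(), [good, bad]):
            print(line)
```

On the server itself, call diagnose() as the affected user with the uid from auth.log and ["/var/log/wtmp"].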