Authorisation Errors on 9.2
Frank Leonhardt
frank2 at fjl.co.uk
Mon Oct 14 09:11:37 UTC 2013
On 14/10/2013 06:37, Beeblebrox wrote:
> Hi,
> I Inadvertently posted the gnome-keyring bit. That's almost standard error
> message on FreeBSD-Gnome. The relevant bit for the error is in fact:
> slim: gkr-pam: no password is available for user
> However, the user cannot login on a tty without providing a password.
>
> For ssh, the same error and dropped connection occurs for all users. sshd
> was modified to allow root login. All users have valid home directories
> defined. From /etc/passwd; I wonder if this has anything to do with it?
> sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/*nologin*
>
>>> Could it be a dud /root/.tcshrc? Or /etc/login.conf?
> The accounts which try to ssh login also login on host proper and do not
> have any login issues when logging-in directly on host - so I think we can
> eliminate these problems.
>
>
I'm now really guessing - I've not tried 9.2-RELEASE. Given these things
are usually really obvious when you finally spot them (it happens to me
a lot, anyway), here are a few obvious things you could think of in case
it helps. First off, ssh is different from a console login so what's in
sshd_config matters. That said, the defaults generally work (or used
to). In no particular order, in sshd_config:
PasswordAuthentication must be "yes"
KerberosOrLocalPasswd probably "yes"
AllowUsers, AllowGroups, DenyUsers and DenyGroups need to be set correctly.
ChrootDirectory - this could cause fun if it's set to something.
Other things that might be interesting are UseLogin and UsePAM.
If this was a fundamental problem with changed defaults in 9.2, I'm sure a lot more people would have complained.
Regards, Frank.
More information about the freebsd-questions
mailing list