LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 12-09-2004, 08:10 AM   #1
cochoa
LQ Newbie
 
Registered: Nov 2004
Distribution: FC2
Posts: 23

Rep: Reputation: 15
ssh fails to authenticate some users


Hi there, I am experiencing a weird problem with ssh.

Most of users here use the passwordless login mode when using ssh. However, after upgrading from RH9 to FC2, some of them are unable to keep login in such a way.

As root, I su - to such users, and did some test, using ssh -v -v <server> from the client, and starting sshd -d -d in the server, and find out that for such users, the following occurred

...
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/german/.ssh/identity
debug1: Trying private key: /home/german/.ssh/id_rsa
debug1: Offering public key: /home/german/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
Connection closed by 138.100.11.74
debug1: Calling cleanup 0x8062d00(0x0)

and in the server

...
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug1: PAM setting rhost to "r2d7.dia.fi.upm.es"
debug2: monitor_read: 41 used once, disabling now
debug2: monitor_read: 3 used once, disabling now
debug1: temporarily_use_uid: 1007/109 (e=0/0)
getgroups: Invalid argument
debug1: Calling cleanup 0x8063d50(0x0)
debug1: Calling cleanup 0x806f3f0(0x0)


So apparently, there is a problem when doing getgroups(). This problem is not present for other users though...

I have been googling for an answer to this problem, no luck...

Any ideas??
 
Old 12-10-2004, 07:43 AM   #2
cochoa
LQ Newbie
 
Registered: Nov 2004
Distribution: FC2
Posts: 23

Original Poster
Rep: Reputation: 15
Ok, finally I have been able to know the reason of my problem, posting it here in case somebody else has the same problem:

- the users experiencing this problem belong to more than 32 groups, which is the value of NGROUPS_MAX in /usr/include/linux/limits.h

Posible solutions: to increase this number and recompile the kernel :S or to re-organize the groups (I think I will go for this choice).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authenticate samba users against PAM yapp Linux - Networking 0 11-24-2005 05:59 AM
SSH connection won't authenticate MaestroC Linux - Security 5 10-16-2005 03:38 AM
authenticate samba users using the NIS manojthakkar Linux - Networking 1 07-25-2005 07:48 PM
how to authenticate external users but bypass prompt on local LAN users? taiwf Linux - Security 5 07-13-2005 09:01 AM
Cannot Authenticate Via SSH Sivel Linux - Software 10 07-03-2005 10:13 AM


All times are GMT -5. The time now is 07:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration