=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ok...since PAM is so "nested" here are some comments based on your logs: 1. > Aug 21 14:24:11 server sshd[28655]: Could not reverse map address > 10.10.10.10 Check if/how you are using TCPWrappers with SSHD=20 2. > Aug 21 14:24:11 server sshd[28655]: PAM unable to resolve symbol: > pam_sm_acct_mgmt See: http://www.opengroup.org/onlinepubs/8329799/pam_sm_acct_mgmt.htm There should also be something about it under: /usr/share/doc/ Looks like you have a bad module stack order, typo, or bad option set for a= =20 module in one of your /etc/pam.d/* files. IIRC PAM with sshd uses /etc/pam.d/login along with /etc/pam.d/sshd to figu= re=20 out what to do or not do when you log on. It may take a little experimentation to get this fixed.=20 Make sure you have a root console open so you don't lock yourself out in ca= se something doesn't work! On Thursday 21 August 2003 05:34 pm, Bill Warner wrote: > Mine is close to the same. I added the: > account required pam_nologin.so > because it wasn't there. It didn't seem to help. The only other error > message I get is in auth.log wich says: > > Aug 21 14:24:11 server sshd[28655]: PAM unable to resolve symbol: > pam_sm_acct_mgmt > Aug 21 14:24:11 server sshd[28655]: Could not reverse map address > 10.10.10.10 > Aug 21 14:24:15 server sshd[28655]: PAM rejected by account > configuration[28]: Module is unknown > Aug 21 14:24:15 server sshd[28655]: Failed password for user from > 10.10.10.10 port 57378 ssh2 > Aug 21 14:24:15 server sshd[28655]: fatal: monitor_read: unsupported > request: 24 > > if I do passwd user and change his password it then works???? I don't > get it... > > Thanks for the help though > > On Thu, 2003-08-21 at 13:50, J.L.Francois wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > What is in your /etc/pam.d/sshd? > > > > I have: > > =3D=3D=3D=3D=3D > > #%PAM-1.0 > > auth required pam_unix.so > > auth required pam_nologin.so > > auth required pam_env.so > > account required pam_unix.so > > account required pam_nologin.so > > password required pam_pwcheck.so nullok md5 remember=3D5 > > password sufficient /lib/security/pam_unix.so nullok use_authtok > > shadow password required pam_unix.so nullok use_first_pass > > use_authtok session required pam_unix.so # trace or debug > > session required pam_limits.so > > =3D=3D=3D=3D=3D > > > > and it works here with SuSE Linux Enterprise Server 8. > > > > HTH. HAND. > > > > On Thursday 21 August 2003 04:41 pm, Bill Warner wrote: > > > anyone know why when a password expires with passwd -e or its > > > time expires I can't change it while logging in with ssh. > > > > > > > $ ssh server > > > > user@server's password: > > > > Connection to qbb closed by remote host. > > > > Connection to qbb closed. > > > > > > If I log in with telnet it lets me change the password > > > > [snipped] > > > > - -- > > begin sig.txt > > Jean L. Francois - Enterprise Linux Architect ( JLF Sends... ) > > Ciber, Inc. @ FSIC - Ford Systems Integration Center > > "Failure is only postponed success as long as courage > > 'coaches' ambition. The habit of persistence is the > > habit of victory." > > end > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.2.2 (GNU/Linux) > > Comment: No Good Deed Goes Unpunished > > > > iD8DBQE/RTB7gP5boHtr6J8RAgSWAJ4/iaLHej7mosWorp8mz/Hft8Yw6gCcDYPg > > eLEbV/oIBG5kEsN7FRKeWH0=3D > > =3DTc4F > > -----END PGP SIGNATURE----- =2D --=20 begin sig.txt Jean L. Francois - Enterprise Linux Architect http://unix.ford.com/~jfranc46/ Ciber, Inc. @ FSIC - Ford Systems Integration Center "Failure is only postponed success as long as courage 'coaches' ambition. The habit of persistence is the habit of victory." end =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: No Good Deed Goes Unpunished iD8DBQE/RhZZgP5boHtr6J8RAliKAJ410a0K0V3bplRPygRWDs+cpp0OtACgtXUW 79QU06ymS/AsvYjaO12S4G4=3D =3DHovg =2D----END PGP SIGNATURE-----