[Bug 1507798] Re: libpam-sshauth dropped support for publickey authentication
Chris Halse Rogers
chris at cooperteam.net
Wed Jan 13 01:21:43 UTC 2016
Hm. I think this patch is incorrect:
gcc -DHAVE_CONFIG_H -I. -I.. -D_FORTIFY_SOURCE=2 -fpic -Wall -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -c -o pam_sshauth_so-auth_funcs.o `test -f 'auth_funcs.c' || echo './'`auth_funcs.c
auth_funcs.c:40:0: warning: "SSH_AUTH_METHOD_PUBLICKEY" redefined
#define SSH_AUTH_METHOD_PUBLICKEY 3
^
In file included from auth_funcs.c:36:0:
pam_sshauth.h:30:0: note: this is the location of the previous definition
#define SSH_AUTH_METHOD_PUBLICKEY 4
^
You're using method as a set of bits, but you're defining
SSH_AUTH_METHOD_PUBLICKEY as 1<<1 | 1<<0 (ie: 2 + 1 = 3).
This means that it'll try public key authentication if both INTERACTIVE
and PASSWORD methods are supported (and, conversely, it'll try PASSWORD
and INTERACTIVE if only PUBLICKEY is supported).
** Changed in: libpam-sshauth (Ubuntu Xenial)
Status: In Progress => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1507798
Title:
libpam-sshauth dropped support for publickey authentication
Status in libpam-sshauth package in Ubuntu:
Incomplete
Status in libpam-sshauth source package in Trusty:
In Progress
Status in libpam-sshauth source package in Vivid:
Triaged
Status in libpam-sshauth source package in Wily:
Triaged
Status in libpam-sshauth source package in Xenial:
Incomplete
Status in libpam-sshauth package in Debian:
New
Bug description:
[Impact]
libpam-sshauth v0.1-1 (shipped with precise) used to support publickey
authentication with ssh-agent.
New version of this lib shipped with trusty and late has dropped this
feature; which is related to upstream author (ltsp-upstream) switching
to using libssh2 (was using libssh before).
[Test Case]
A patched has been approved/merge upstream:
https://code.launchpad.net/~benoit-guyard/ltsp/libpam-sshauth/+merge/273930
[Regression Potential]
A testfix has been provided, and positive feedbacks from the community
has been given by the community to confirm the new package work under
Trusty as expected: https://bugs.launchpad.net/ubuntu/xenial/+source
/libpam-sshauth/+bug/1507798/comments/4
[Original Description]
It as been brought to my attention that libpam-sshauth (version >=0.3-1) have dropped support for publickey authentication.
$ cat debian/changelog
---
libpam-sshauth (0.3-1) experimental; urgency=low
* New upstream version.
- Switch to using libssh2.
* Add Build-Depends on libssh2-1-dev and pkg-config, drop libssh-dev.
* debian/rules: Install pam_sshauth.so into /lib/<triplet>/security/.
-- Vagrant Cascadian <vagrant at debian.org> Fri, 22 Mar 2013 12:31:56 -0700
---
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-sshauth/+bug/1507798/+subscriptions
More information about the Ubuntu-sponsors
mailing list