sshd misconfiguration in 4.3 machines

From fhernand@cs.unc.edu Sat Sep  8 19:25:33 2001
Date: Sat, 08 Sep 2001 18:59:19 -0400
From: Felix Hernandez 
To: dirt@cs.unc.edu
Subject: sshd and PAM in 4.3 machines

Hi,

Almost all our 4.3 machines do not accept ssh connections due to a 
misconfiguration. Any connection attempt in one of these machines will 
result in the following error messages:

root@pericles (root)$ ssh -l fhernand octavius10
fhernand@octavius10's password: 
Connection to octavius10 closed by remote host.
Connection to octavius10 closed.

and the following entries added to /var/log/messages in the machine 
receiving the connection attempt:

Sep  8 13:06:54 pericles sshd[24652]: no modules loaded for `sshd' 
service
Sep  8 13:06:54 pericles sshd[24652]: fatal: PAM session setup failed
[6]: Permission denied
Sep  8 13:06:54 pericles sshd[24652]: no modules loaded for `sshd' 
service

The cause of this behavior is a recent change in sshd. This daemon has 
been reimplemented using the PAM libraries, and therefore, sshd 
authentication must be explicitly enabled in /etc/pam.conf. Although 
the 4.3 default installation does this, one of our installation scripts 
was relying in an old version of pam.conf that did not include rules 
concerning sshd. As a consequence, /etc/pam.conf must be updated in all 
our 4.3 machines in order to accept ssh connections. The easiest way to 
do this is to run

cp /usr/dirt/dist/pam.conf.4.3 /etc/pam.conf