Daniel Kastenholz wrote:
> Hope this helps.

Thanks. It does, I think.

What can you tell me about the host? It doesn't happen to be a recent
Linux (with glibc-2.3.x), does it?

> Failed keyboard-interactive for illegal user root from ::ffff:
> port 32772 ssh2
> Connection closed by ::ffff:
> debug1: Calling cleanup 0x8066f50(0x0)
> debug1: PAM: cleanup
> debug1: Calling cleanup 0x80733b0(0x0)

I can reproduce it on my FC3 box. In my case, it appears to be because
getnameinfo() does some dlopen tricks which don't work in a chroot, and it
actually blows up deep inside glibc.

If this all applies to you, you can confirm this is the cause by doing:

# cp -a /lib /var/empty

(or wherever you configured the sshd privsep dir to be) and repeating the
test. This is not a good long-term solution, though.

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

openssh-unix-dev mailing list