It's a Suse 9.0 system; not the latest distribution, admittedly, but up
to date as for the patches.

# rpm -qa | grep glibc
glibc-devel-2.3.2-87
glibc-2.3.2-88
glibc-locale-2.3.2-87
glibc-info-2.3.2-97

# cat /proc/sys/kernel/osrelease
2.4.21-273-default

# rpm -qa | grep pam
pam-modules-9.0-5
yast2-pam-2.8.5-65
pam-0.77-129


Darren Tucker schrieb:

> Daniel Kastenholz wrote:
>
>> Hope this helps.

>
>
> Thanks. It does, I think.
>
> What can you tell me about the host? It doesn't happen to be a recent
> Linux (with glibc-2.3.x), does it?
>
>> Failed keyboard-interactive for illegal user root from
>> ::ffff:127.0.0.1 port 32772 ssh2
>> Connection closed by ::ffff:127.0.0.1
>> debug1: Calling cleanup 0x8066f50(0x0)
>> debug1: PAM: cleanup
>> debug1: Calling cleanup 0x80733b0(0x0)

>
>
> I can reproduce it on my FC3 box. In my case, it appears to be
> because getnameinfo() does some dlopen tricks which don't work in a
> chroot, and it actually blows up deep inside glibc.
>
> If this all applies to you, you can confirm this is the cause by doing:
>
> # cp -a /lib /var/empty
>
> (or wherever you configured the sshd privsep dir to be) and repeating
> the test. This is not a good long-term solution, though.
>


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev