Chinaunix

标题: 急。修改/etc/pam.d/system-auth后，ssh无法远程登陆 [打印本页]

---

作者: yeahzp    时间: 2011-07-28 16:59
标题: 急。修改/etc/pam.d/system-auth后，ssh无法远程登陆
我在修改完/etc/pam.d/system-auth后，保存，退出系统重新远程ssh登录系统，登不上去。
   
  后来把system-auth还原后，还是不能ssh远程登录，root也不行

  本地登录后root用户下执行 ssh -vv 本机ip，有以下信息：

OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.181.128 [192.168.181.128] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.181.128' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: No more authentication methods to try.


  和正常linux主机异常的，就是以上的红色位置

  帮忙看一下

---

作者: yeahzp    时间: 2011-07-28 17:00
目前   

已执行过： ssh -o GSSAPIAuthentication=no server-ip

/etc/pam.d/system-auth已恢复

重启一下sshd
清空一下客户端/root/.ssh/known_hosts文件   也已做


还是不行。

---

作者: alonerhu    时间: 2011-07-28 17:05
关闭GSS试试看吧

编辑 /etc/ssh/sshd_config

GSSAPIAuthentication no
GSSAPICleanupCredentials no

service sshd restart

---

作者: yeahzp    时间: 2011-07-28 17:10
回复 3# alonerhu




还是不成。

继续在线等～～

---

作者: taojie2000    时间: 2011-07-28 20:13
回复 1# yeahzp


    修改/etc/pam.d/system-auth  之前  ssh是正常的吗?

---

作者: taojie2000    时间: 2011-07-28 20:26
回复 1# yeahzp


    等把你  log/secure  ssh 相关的日志发出来!      可能目录权限问题!

---

作者: yeahzp    时间: 2011-07-28 20:55
Jul 28 17:40:01 ms1 crond[20394]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 17:40:01 ms1 crond[20393]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:40:01 ms1 crond[20393]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:40:01 ms1 crond[20394]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:40:01 ms1 crond[20394]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) illegal module type: ~
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) illegal module type: ~
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) no control flag supplied
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) no control flag supplied
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) no module name supplied
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) no module name supplied
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) illegal module type: ~
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) illegal module type: ~
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) no control flag supplied
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) no control flag supplied
Jul 28 17:40:01 ms1 crond[20393]: PAM (crond) no module name supplied
Jul 28 17:40:01 ms1 crond[20394]: PAM (crond) no module name supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) illegal module type: ~
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no control flag supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no module name supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 17:45:01 ms1 crond[22254]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:45:01 ms1 crond[22254]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) illegal module type: ~
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no control flag supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no module name supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) illegal module type: ~
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no control flag supplied
Jul 28 17:45:01 ms1 crond[22254]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24020]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 17:50:01 ms1 crond[24020]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:50:01 ms1 crond[24020]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:50:01 ms1 crond[24021]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:50:01 ms1 crond[24021]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) illegal module type: ~
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no control flag supplied
Jul 28 17:50:01 ms1 crond[24020]: PAM (crond) no module name supplied
Jul 28 17:50:01 ms1 crond[24021]: PAM (crond) no module name supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) illegal module type: ~
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no control flag supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no module name supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 17:55:01 ms1 crond[25837]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 17:55:01 ms1 crond[25837]: PAM adding faulty module: <*unknown module path*>
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) illegal module type: ~
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no control flag supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no module name supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) illegal module type: ~
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no control flag supplied
Jul 28 17:55:01 ms1 crond[25837]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:00:01 ms1 crond[27543]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:00:01 ms1 crond[27542]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:00:01 ms1 crond[27542]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:00:01 ms1 crond[27543]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:00:01 ms1 crond[27543]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) illegal module type: ~
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no control flag supplied
Jul 28 18:00:01 ms1 crond[27542]: PAM (crond) no module name supplied
Jul 28 18:00:01 ms1 crond[27543]: PAM (crond) no module name supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) illegal module type: ~
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no control flag supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no module name supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:01:01 ms1 crond[27940]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:01:01 ms1 crond[27940]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) illegal module type: ~
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no control flag supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no module name supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) illegal module type: ~
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no control flag supplied
Jul 28 18:01:01 ms1 crond[27940]: PAM (crond) no module name supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) illegal module type: ~
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no control flag supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no module name supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:05:01 ms1 crond[29205]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:05:01 ms1 crond[29205]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) illegal module type: ~
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no control flag supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no module name supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) illegal module type: ~
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no control flag supplied
Jul 28 18:05:01 ms1 crond[29205]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30946]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:10:01 ms1 crond[30946]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:10:01 ms1 crond[30946]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM unable to dlopen(<*unknown module path*>)
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM [error: <*unknown module path*>: 无法打开共享对象文件: 没有那个文件或目录]
Jul 28 18:10:01 ms1 crond[30946]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM adding faulty module: <*unknown module path*>
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no module name supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) illegal module type: ~
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no control flag supplied
Jul 28 18:10:01 ms1 crond[30947]: PAM (crond) no module name supplied

---

作者: chenyx    时间: 2011-07-28 21:01
楼主的pam文件里面有非法字符?贴上来看看

---

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)

Powered by Discuz! X3.2