Menu
▾
▴
Re: [Pam-mysql-general] 0.6.0/0.7.0(pre) not working - tried md5/plain
|
From: Terry <td...@gm...> - 2005-06-23 15:18:52
|
WHEW! After 20 or so builds, flipping options around, and trying different= =20 formts, i got it to work. Thanks VERY much for your explanations. On 6/23/05, Moriyoshi Koizumi <mor...@at...> wrote: >=20 > Hi, >=20 > As I replied to your post in the forum, --with-openssl needs to be > specified in configure. >=20 > To clarify the difference between crypt()ish and non-crypt()ish; > crypt()ish MD5 is supported in libc and you can enable it by > setting "Y" and "true" to the crypt and use_md5 parameters > respectively, which will result in the following form: >=20 > $1$abcdefgh$Kn5qrjcQzV7oAHBJ23Cu3/ >=20 > Non-crypt()ish MD5 is probably what most people consider to be > MD5. It is supported with the help of OpenSSL (or Cyrus-SASL) > and enabled by setting "MD5" to the crypt parameter, which > will result in the following form: >=20 > d8e8fca2dc0f896fd7cb4cb0031ba249 >=20 > Regards, > Moriyoshi >=20 > On 2005/06/23, at 9:05, Terry wrote: >=20 > > My goal is to use md5. Here are some details: > > > > Linux hostname 2.6.8-1um #1 Tue Jun 21 20:41:51 CDT 2005 i686 i686 > > i386 GNU/Linux > > mysql-4.1.10a-1.RHEL4.1 > > mysql-server-4.1.10a-1.RHEL4.1 > > pam-0.77-65.1 > > > > auth required pam_nologin.so > > auth sufficient pam_stack.so service=3Dsystem-auth > > auth sufficient pam_mysql.so user=3Duser passwd=3Dpass db=3Ddb > > table=3Dtabke usercolumn=3Dusername passwdcolumn=3Dpassword crypt=3D0 > > verbose=3D1 > > account sufficient pam_stack.so service=3Dsystem-auth > > account sufficient pam_mysql.so user=3Duser passwd=3Dpass db=3Ddb > > table=3Dtabke usercolumn=3Dusername passwdcolumn=3Dpassword crypt=3D0 > > verbose=3D1 > > session required pam_stack.so service=3Dsystem-auth > > > > I have tested this with both vsftpd and sshd. With vsftpd and 0.6.0, > > I get the following weird error with md5: > > Jun 22 18:41:22 hostname vsftpd[17656]: pam_mysql - non-crypt()ish > > MD5 hash is not supported in this build. > > > > Here is a secure log snippet: > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - option verbose is > > set to "1" > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_close_db() called. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_sm_authenticate() called. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_open_db() called. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_open_db() returning 0. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_check_passwd() called. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_format_string() called > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_quick_escape() called. > > Jun 22 20:01:43 hostname last message repeated 3 times > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - SELECT password > > FROM table WHERE username =3D 'jomama' > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_sql_log() called. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_sql_log() returning 0. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_mysql_check_passwd() returning 0. > > Jun 22 20:01:43 hostname vsftpd[22789]: pam_mysql - > > pam_sm_authenticate() returning 0. > > > > > > Also, this is what I get from the client end of things: > > 220 (vsFTPd 2.0.1) > > 530 Please login with USER and PASS. > > 530 Please login with USER and PASS. > > KERBEROS_V4 rejected as an authentication type > > Name (192.168.1.35:jomama): jomama > > 331 Please specify the password. > > Password: > > 500 OOPS: priv_sock_get_result > > Login failed. > > 421 Service not available, remote server has closed connection > > ftp> > > > > > > Any ideas? >=20 > |
