sslug-teknik team mailing list archive

[Robert Larsen <robert@xxxxxxxxxxxx>]

Mogens Kjaer wrote:
> Robert Larsen wrote:
> ...
>> Når jeg så logger ind, får jeg følgende i auth.log:
>> pam_mysql - Return value: 0 Password: (null) Success: 0.
> 
> Kan du se om mysql overhovedet bliver kontaktet? Fx ved
> at slå logging til i databasen.
> 
> Mogens
> 
Det gør den. Her er et 'tail' af /var/log/auth.log:

Her forbinder jeg med 'ssh bob@testserver':
Oct 13 14:53:26 ubuntu-isp sshd[28671]: Invalid user bob from 172.16.241.1
Oct 13 14:53:26 ubuntu-isp sshd[28671]: Failed none for invalid user bob
from 172.16.241.1 port 57744 ssh2

Her skriver jeg password:
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - option verbose is
set to "1"
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - option table is set
to "users"
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - option usercolumn is
set to "name"
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - option passwdcolumn
is set to "password"
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - option crypt is set
to "0"
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_close_db()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_sm_authenticate() called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_open_db()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_open_db()
returning 0.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_check_passwd() called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_format_string() called
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_quick_escape() called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - SELECT password FROM
users WHERE name = 'bob'
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_check_passwd() returning 6.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_sql_log()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_sql_log()
returning 0.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_converse()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_open_db()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_check_passwd() called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_format_string() called
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_quick_escape() called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - SELECT password FROM
users WHERE name = 'bob'
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_check_passwd() returning 6.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_sql_log()
called.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_sql_log()
returning 0.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_mysql -
pam_sm_authenticate() returning 7.
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_unix(sshd:auth): check pass;
user unknown
Oct 13 14:54:23 ubuntu-isp sshd[28671]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=172.16.241.1
Oct 13 14:54:26 ubuntu-isp sshd[28671]: Failed password for invalid user
bob from 172.16.241.1 port 57744 ssh2

Her lukker jeg forbindelsen:
Oct 13 14:54:55 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_release_ctx() called.
Oct 13 14:54:55 ubuntu-isp sshd[28671]: pam_mysql -
pam_mysql_destroy_ctx() called.
Oct 13 14:54:55 ubuntu-isp sshd[28671]: pam_mysql - pam_mysql_close_db()
called.


Hvis jeg udfører søgningen selv i MySQL får jeg følgende:
mysql> SELECT password FROM users WHERE name = 'bob';
+----------+
| password |
+----------+
| blar     |
+----------+
1 row in set (0.00 sec)

mysql>

Og det var det password jeg skrev, men det hjælper jo selvfølgelig ikke
så meget, når pam_mysql får NULL istedet for mit password :-(