On 20 Jan 2010, at 21:39, walt wrote:
... In the case I just described, I used it so I can identify myself
with my ssh key, which is much more secure than a password. ... I'm
not sure how I would have added ssh key authentication without pam.
I'm pretty sure it's possible, although I haven't checked how it's
working here.
Stroller.
01-21-2010, 12:23 PM
Mauro Santos
>>>> After further testing with kernel 2.6.32.4-1, I have found two bugs:
>>>>
>>>> (1) the kernel upgrade kills WindowMaker
>>>> (2) the kernel upgrade kills VirtualBox
>>>
>>> even with 2.6.32.3, I had to recomile virtualbox module. I tried to start
>>> a VM and system froze solid and had to do hard reset. With a recompile,
>>> its working though.
>>
>> Are you talking about recompile of the vbox module, that I just did, or are
>> you talking about a kernel recompile?
>
> vbox module recompile.
>
> It fixed the issue on 2.6.32-3 but from your post it seems, it is not
> sufficient for 2.6.32-4.
>
It is working here with x86_64.
I have updated _only_ the kernel, headers and firmware, after that I've
rebuilt the vbox module and reboot. Everything is working as it should.
It is clearly stated when you install virtualbox that you need to
rebuild the vbox module after every kernel update, if before it was only
needed after a kernel version change it was just luck.
And I guess just rebuilding the module doesn't cut it, if it is already
inserted you may have to rmmod it and modprobe it again, but to be safe
I think it is better to reboot the machine.
01-21-2010, 01:06 PM
Nikos Chantziaras
On 01/20/2010 11:39 PM, walt wrote:
On 01/19/2010 10:26 AM, Nikos Chantziaras wrote:
On 01/19/2010 07:55 PM, walt wrote:
On 01/18/2010 04:41 PM, walt wrote:
Here is what I see on both machines:
$su
Password: <===== I type Ctrl-d here
Segmentation fault
I've traced this problem to the pam_ssh package, which is supposed
to return a charstring containing the typed password, but it instead
returns a null pointer when I type Ctrl-d. Calamity ensues.
The key here is the pam_ssh package, which apparently the rest of you
don't use for authentication.
Just a quick question: what do you need PAM for? No it's not a
rhetorical question. I always wondered what PAM is good for; to find
out, I completely removed everything PAM related from my system
("-pam" in make.conf and then rebuild everything and then
depclean.) The system works exactly the same as before. So I'm left
wondering what PAM was doing in the first place?
I'm no expert on PAM, but I've seen it used on every linux distribution
that I've tried over the years. In the case I just described, I used it
so I can identify myself with my ssh key, which is much more secure than
a password. So, in general, pam is used to set security policy for how
users can log in, change their passwords, etc. I'm not sure how I would
have added ssh key authentication without pam. It's a good question.
Well, all of this is still working here without PAM, including keys
(I've set that option in the config file of the ssh deamon, not PAM.)
01-21-2010, 03:09 PM
Neil Bothwick
On Thu, 21 Jan 2010 16:06:34 +0200, Nikos Chantziaras wrote:
> > I'm no expert on PAM, but I've seen it used on every linux
> > distribution that I've tried over the years. In the case I just
> > described, I used it so I can identify myself with my ssh key, which
> > is much more secure than a password. So, in general, pam is used to
> > set security policy for how users can log in, change their passwords,
> > etc. I'm not sure how I would have added ssh key authentication
> > without pam. It's a good question.
>
> Well, all of this is still working here without PAM, including keys
> (I've set that option in the config file of the ssh deamon, not PAM.)
I read this that walt is using SSH keys ( on a USB stick?) for local
login, which would be best done with PAM. SSH login with keys is handled
by SSH itself.
Can you confirm walt?
--
Neil Bothwick
Therapy is expensive, popping bubble wrap is cheap! You choose.
01-21-2010, 04:12 PM
Nikos Chantziaras
On 01/21/2010 06:09 PM, Neil Bothwick wrote:
On Thu, 21 Jan 2010 16:06:34 +0200, Nikos Chantziaras wrote:
I'm no expert on PAM, but I've seen it used on every linux
distribution that I've tried over the years. In the case I just
described, I used it so I can identify myself with my ssh key, which
is much more secure than a password. So, in general, pam is used to
set security policy for how users can log in, change their passwords,
etc. I'm not sure how I would have added ssh key authentication
without pam. It's a good question.
Well, all of this is still working here without PAM, including keys
(I've set that option in the config file of the ssh deamon, not PAM.)
I read this that walt is using SSH keys ( on a USB stick?) for local
login, which would be best done with PAM. SSH login with keys is handled
by SSH itself.
Oh, don't know if it's possible on local login. Anyway, I was just
curious. PAM and ConsoleKit were two things that got installed by
default (desktop profile) and I couldn't even find a use for them, so I
removed both and didn't see any difference, so I was just wondering what
they were good for in the first place :P
01-21-2010, 06:19 PM
"David C. Rankin"
On 01/20/2010 01:44 PM, Ionut Biru wrote:
> packages for e17 wasn't rebuild. have patience or downgrade to
> extra/community and don't flood the email with useless problems.
>
> The rebuilding process is NOT FINISHED.
Sorry, those weren't complaints... Since I have blackbox, e16, e17, fluxbox,
fvwm2 gnome, (the old) kdemod3, kde4, openbox, sawfish, xfce, and WindowMaker on
the box, I was just checking to see which worked after the kernel update and
providing feeback.
Note to self: Premise responses following new kernel install with "These just
may not have been rebuilt yet but ..."
--
David C. Rankin, J.D.,P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com
01-21-2010, 06:31 PM
Byron Clark
On Thu, Jan 21, 2010 at 01:19:44PM -0600, David C. Rankin wrote:
> On 01/20/2010 01:44 PM, Ionut Biru wrote:
> > packages for e17 wasn't rebuild. have patience or downgrade to
> > extra/community and don't flood the email with useless problems.
> >
> > The rebuilding process is NOT FINISHED.
>
> Sorry, those weren't complaints... Since I have blackbox, e16, e17, fluxbox,
> fvwm2 gnome, (the old) kdemod3, kde4, openbox, sawfish, xfce, and WindowMaker on
> the box, I was just checking to see which worked after the kernel update and
> providing feeback.
I'm guessing that none of those were broken because of the kernel
update, but because of the unfinished libpng rebuild in testing.
--
Byron Clark
01-21-2010, 08:03 PM
Neil Bothwick
On Thu, 21 Jan 2010 19:12:50 +0200, Nikos Chantziaras wrote:
> Oh, don't know if it's possible on local login. Anyway, I was just
> curious. PAM and ConsoleKit were two things that got installed by
> default (desktop profile) and I couldn't even find a use for them, so I
> removed both and didn't see any difference, so I was just wondering
> what they were good for in the first place :P
I run with USE=-pam but I know it can be used for things like keyfile
based logins.
--
Neil Bothwick
My Go this amn keyboar oesn't have any 's.
01-21-2010, 08:13 PM
"David C. Rankin"
On 01/21/2010 01:31 PM, Byron Clark wrote:
>
> I'm guessing that none of those were broken because of the kernel
> update, but because of the unfinished libpng rebuild in testing.
>
100% Correct. The issues were libpng12 to libpng14 and libjpg.
--
David C. Rankin, J.D.,P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com
01-22-2010, 02:22 PM
walt
On 01/21/2010 08:09 AM, Neil Bothwick wrote:
On Thu, 21 Jan 2010 16:06:34 +0200, Nikos Chantziaras wrote:
I'm no expert on PAM, but I've seen it used on every linux
distribution that I've tried over the years. In the case I just
described, I used it so I can identify myself with my ssh key, which
is much more secure than a password. So, in general, pam is used to
set security policy for how users can log in, change their passwords,
etc. I'm not sure how I would have added ssh key authentication
without pam. It's a good question.
Well, all of this is still working here without PAM, including keys
(I've set that option in the config file of the ssh deamon, not PAM.)
I read this that walt is using SSH keys ( on a USB stick?) for local
login, which would be best done with PAM. SSH login with keys is handled
by SSH itself.
Can you confirm walt?
I'm using it to ssh between the machines on my local network, where I
have the same ssh key on each machine. I don't have any need to login
elsewhere by carrying the key on a USB stick -- I wish the machines at
work would let me do that, but they don't.
