From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011012 Description of problem: After upgrading my machine (on an NIS domain) to RH7.2 I couldn't login - just got a bad password message; this was login, gdm, and ssh. Some people could, some people couldn't. I could login as the local Root. After suggestions by a friend that 'pam_unix.so' was now deprecated I changed in the file /etc/pam.d/system-auth: auth sufficient /lib/security/pam_unix.so likeauth nullok to auth sufficient /lib/security/pam_pwdb.so likeauth nullok and all is peachy. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Erm well it could be the 7.2 upgrade that kicked it 2.Try to login 3. Additional info:
I've got the same problem, and the same solution seemed to work for me. I wasn't able to login at all, I had to start up in single user mode to modify the system-auth file.
did you have the !character within your password? i did and had the same problem, after changing the password without !, I got into - same with gdm and login via nis.
Nope; mine is pure mixed case english alphabetic
puuh, that's strange, but you're right: I tested some passwords with ! and some did it and some didn't. Was just an idea...
I verified that the problem is only with passwords greater than 8 characters in length. Specifically bigcrypt is being called by default instead of the normal crypt function. It seems that bigcrypt is supposed to be an option, but it is somenow now the default.
--- pam-0.75/modules/pam_unix/support.c.orig Thu Oct 25 15:24:53 2001 +++ pam-0.75/modules/pam_unix/support.c Thu Oct 25 15:24:56 2001 @@ -705,7 +705,11 @@ break; } } - pp = bigcrypt(p, salt); + if (off(UNIX_BIGCRYPT, ctrl)) { + pp = crypt(p, salt); + } else { + pp = bigcrypt(p, salt); + } } p = NULL; /* no longer needed here */
That is not the full story. My username is 7 lower case alphas followed by a '2'. When I cloned my passwd line but removed the 2 (ie, kept my uid, password, shell, etc all the same) I was able to log in. My password does exceed 8 characters, but the bug is user name sensitive too. It looks like there is a bug in bigcrypt, which is sensitive to user name, rather than bigcrypt being totally hosed.
Hmm - my password is larger than 8 characters so that could be it. (My username is just dg)
I was able to fix it by downgrading pam to the version shipped with 7.1. There is definitely a bug in this latest version of pam, when used with NIS.
It has nothing to do with NIS. I am experiencing the same problem on a machine where NIS is turned off, and the same fix corrected the problem.
This is a problem with conventionally-encrypted passwords, and it's just showing up more on systems with NIS. A bug-fix errata for this will be going out shortly.
*** Bug 55356 has been marked as a duplicate of this bug. ***
Oops, this one's actually a dupe of #54443.
*** This bug has been marked as a duplicate of 54443 ***
*** Bug 55106 has been marked as a duplicate of this bug. ***