Openssh login behavior changes or fails after SLES 10 SP4 is installed

  • 7009233
  • 23-Aug-2011
  • 30-Apr-2012

Environment

Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
SUSE Linux Enterprise Server 10 Service Pack 4

Situation

SLES 10 has been updated to SP4
 
SSH and SFTP authentication now fails, or at least changes in it's behavior.
 
SSH stops working after SP4

Resolution

After updating to SP4, the pam file for sshd (/etc/pam.d/sshd) will have been replaced and the new file will contain a new configuration.  This new default file addresses minor security concerns and is needed with the new openssh 5.x package provided in SP4.  If any customizations had been done to this file previously, they will no longer be in effect.
 
The previous /etc/pam.d/sshd file will be saved as /etc/pam.d/sshd.rpmsave.  However, for those who need to re-customize their file in order to regain certain functionality, it may not be appropriate to simply copy the old file back into place.  Pam files affect authentication security, so any customizations should be carefully considered before being implemented.  Carefully consider the contents of the old and new file to determine whether / how they may need to be merged.
 
Note:  For OES 2 SP3, the new /etc/pam.d/sshd provided by SLES 10 SP4 will not contain the syntax to support LUM authentication.  The services must be LUM-enable again to correct this.  See the intstruction at: