May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.100.1 user=BUGTEST\andreas
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): [pamh: 0x558b74961800] ENTER: pam_sm_authenticate (flags: 0x0001)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): getting password (0x00000389)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): pam_get_item returned a password
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): Verify user 'BUGTEST\andreas'
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): PAM config: krb5_ccache_type 'FILE'
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): enabling krb5 login flag
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): enabling cached login flag
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): enabling request for a FILE krb5 ccache
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): request wbcLogonUser succeeded
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): user 'BUGTEST\andreas' granted access
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): Returned user was 'BUGTEST\andreas'
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:auth): [pamh: 0x558b74961800] LEAVE: pam_sm_authenticate returning 0 (PAM_SUCCESS)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: Accepted password for BUGTEST\\andreas from 10.0.100.1 port 51760 ssh2
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:setcred): [pamh: 0x558b74961800] ENTER: pam_sm_setcred (flags: 0x0002)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:setcred): PAM_ESTABLISH_CRED not implemented
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:setcred): [pamh: 0x558b74961800] LEAVE: pam_sm_setcred returning 0 (PAM_SUCCESS)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_unix(sshd:session): session opened for user BUGTEST\andreas by (uid=0)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:session): [pamh: 0x558b74961800] ENTER: pam_sm_open_session (flags: 0x0000)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_winbind(sshd:session): [pamh: 0x558b74961800] LEAVE: pam_sm_open_session returning 0 (PAM_SUCCESS)
May 8 21:13:25 zesty-pamwinbind-1677329 sshd[1221]: pam_systemd(sshd:session): Failed to create session: No such file or directory
May 8 21:13:26 zesty-pamwinbind-1677329 sshd[1310]: pam_winbind(sshd:setcred): [pamh: 0x558b74961800] ENTER: pam_sm_setcred (flags: 0x0002)
May 8 21:13:26 zesty-pamwinbind-1677329 sshd[1310]: pam_winbind(sshd:setcred): PAM_ESTABLISH_CRED not implemented
May 8 21:13:26 zesty-pamwinbind-1677329 sshd[1310]: pam_winbind(sshd:setcred): [pamh: 0x558b74961800] LEAVE: pam_sm_setcred returning 0 (PAM_SUCCESS)
and:
andreas@nsn7:~$ ssh BUGTEST\\\andreas@10.0.100.99
Warning: Permanently added '10.0.100.99' (ECDSA) to the list of known hosts.
BUGTEST\andreas@10.0.100.99's password:
Welcome to Ubuntu 17.04 (GNU/Linux 4.4.0-77-generic x86_64)
(...)
Could not chdir to home directory /home/BUGTEST/andreas: No such file or directory
BUGTEST\andreas@zesty-pamwinbind-1677329:/$ id
uid=10000(BUGTEST\andreas) gid=10000(BUGTEST\none) groups=10000(BUGTEST\none),10002(BUILTIN\users)
BUGTEST\andreas@zesty-pamwinbind-1677329:/$ grep andreas /etc/passwd
BUGTEST\andreas@zesty-pamwinbind-1677329:/$
There are many more things to test here, though. Namely, kerberos integration.
A quick pam_winbind authentication test worked with that modification to the patch:
http:// pastebin. ubuntu. com/24539032/
May 8 21:13:25 zesty-pamwinbin d-1677329 sshd[1221]: pam_unix( sshd:auth) : authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.100.1 user=BUGTEST\ andreas d-1677329 sshd[1221]: pam_winbind( sshd:auth) : [pamh: 0x558b74961800] ENTER: pam_sm_authenticate (flags: 0x0001) d-1677329 sshd[1221]: pam_winbind( sshd:auth) : getting password (0x00000389) d-1677329 sshd[1221]: pam_winbind( sshd:auth) : pam_get_item returned a password d-1677329 sshd[1221]: pam_winbind( sshd:auth) : Verify user 'BUGTEST\andreas' d-1677329 sshd[1221]: pam_winbind( sshd:auth) : PAM config: krb5_ccache_type 'FILE' d-1677329 sshd[1221]: pam_winbind( sshd:auth) : enabling krb5 login flag d-1677329 sshd[1221]: pam_winbind( sshd:auth) : enabling cached login flag d-1677329 sshd[1221]: pam_winbind( sshd:auth) : enabling request for a FILE krb5 ccache d-1677329 sshd[1221]: pam_winbind( sshd:auth) : request wbcLogonUser succeeded d-1677329 sshd[1221]: pam_winbind( sshd:auth) : user 'BUGTEST\andreas' granted access d-1677329 sshd[1221]: pam_winbind( sshd:auth) : Returned user was 'BUGTEST\andreas' d-1677329 sshd[1221]: pam_winbind( sshd:auth) : [pamh: 0x558b74961800] LEAVE: pam_sm_authenticate returning 0 (PAM_SUCCESS) d-1677329 sshd[1221]: Accepted password for BUGTEST\\andreas from 10.0.100.1 port 51760 ssh2 d-1677329 sshd[1221]: pam_winbind( sshd:setcred) : [pamh: 0x558b74961800] ENTER: pam_sm_setcred (flags: 0x0002) d-1677329 sshd[1221]: pam_winbind( sshd:setcred) : PAM_ESTABLISH_CRED not implemented d-1677329 sshd[1221]: pam_winbind( sshd:setcred) : [pamh: 0x558b74961800] LEAVE: pam_sm_setcred returning 0 (PAM_SUCCESS) d-1677329 sshd[1221]: pam_unix( sshd:session) : session opened for user BUGTEST\andreas by (uid=0) d-1677329 sshd[1221]: pam_winbind( sshd:session) : [pamh: 0x558b74961800] ENTER: pam_sm_open_session (flags: 0x0000) d-1677329 sshd[1221]: pam_winbind( sshd:session) : [pamh: 0x558b74961800] LEAVE: pam_sm_open_session returning 0 (PAM_SUCCESS) d-1677329 sshd[1221]: pam_systemd( sshd:session) : Failed to create session: No such file or directory d-1677329 sshd[1310]: pam_winbind( sshd:setcred) : [pamh: 0x558b74961800] ENTER: pam_sm_setcred (flags: 0x0002) d-1677329 sshd[1310]: pam_winbind( sshd:setcred) : PAM_ESTABLISH_CRED not implemented d-1677329 sshd[1310]: pam_winbind( sshd:setcred) : [pamh: 0x558b74961800] LEAVE: pam_sm_setcred returning 0 (PAM_SUCCESS)
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:25 zesty-pamwinbin
May 8 21:13:26 zesty-pamwinbin
May 8 21:13:26 zesty-pamwinbin
May 8 21:13:26 zesty-pamwinbin
and: \\andreas@ 10.0.100. 99 andreas@ 10.0.100. 99's password: andreas: No such file or directory
andreas@nsn7:~$ ssh BUGTEST\
Warning: Permanently added '10.0.100.99' (ECDSA) to the list of known hosts.
BUGTEST\
Welcome to Ubuntu 17.04 (GNU/Linux 4.4.0-77-generic x86_64)
(...)
Could not chdir to home directory /home/BUGTEST/
BUGTEST\ andreas@ zesty-pamwinbin d-1677329: /$ id BUGTEST\ andreas) gid=10000( BUGTEST\ none) groups= 10000(BUGTEST\ none),10002( BUILTIN\ users)
uid=10000(
BUGTEST\ andreas@ zesty-pamwinbin d-1677329: /$ grep andreas /etc/passwd andreas@ zesty-pamwinbin d-1677329: /$
BUGTEST\
There are many more things to test here, though. Namely, kerberos integration.