[cmdba]

Hello All,

I'm experiencing a problem where newly created accounts are unable to authenticate when logging in with a new SSH session - even though I can 'su -' to them from another luser account (password works).

Environment: FreeBSD 6.2-RELEASE

This seems to have started around the time I added a new group to /etc/group and assigned it a new group number.

newgroup:*:1006:www,otrs

When I looked at the /etc/password entry for new accounts, the uid/gid assignment was out of sync, like this:

test1:*:1007:1008:test1:/home/test1:/bin/tcsh
test2:*:1009:1010:test2:/home/test2:/bin/tcsh

(I was using default values (just hitting enter) for the assignment of user/group during the adduser process.)

I thought this might have something to do with it, so I deleted the new accounts (this was only happening for accounts created after the new group 'newgroup' was added). I then deleted the group 'newgroup'. When I then added new users, the gid/uid entries in /etc/password had the same values as I would expect:

test1:*:1007:1007:test1:/home/test1:/bin/tcsh
test2:*:1008:1008:test2:/home/test2:/bin/tcsh

... but I still have the same problem with logging in - I can 'su - ' to the new account from a pre-existing (non-root) luser account, but cannot log in fresh with the new user itself.

When I try to log in as the new user, I get 'Access Denied'.
/var/log/messages shows:
sshd[59417]: error: PAM: authentication error for illegal user test1 from 11.22.33.44

Anyone have a clue what's going on here?

Thanks,

Shawn