GNU bug report logs - #52533
guix deploy breaks SSH access with a PAM error

Package: guix;

Reported by: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Date: Thu, 16 Dec 2021 04:46:02 UTC

Severity: important

Message #8 received at 52533 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: 52533 <at> debbugs.gnu.org
Subject: [PATCH] bug#52533: guix deploy breaks SSH access with a PAM error
Date: Thu, 16 Dec 2021 00:27:50 -0500

Hello,

I've found a workaround: disabling PAM for the remote machine
ssh-daemon.  This is not done as part of 'guix deploy', so needs to be
fiddled with manually; I did it this way:

1. take note of the command line and sshd_config file:

--8<---------------cut here---------------start------------->8---
ps -eFww | grep sshd
--8<---------------cut here---------------end--------------->8---

2. Copy the sshd_config file from /gnu/store to somewhere writable and
edit it so tha UsePAM is "no" instead of "yes".

3. Stop the Shepherd service with 'sudo herd stop ssh-daemon'

4. Start the ssh daemon manually (with sudo) by using the command found
in 1. but with the edited config from 2.

Then you should be able to 'guix deploy' successfully.

Reading 'man sshd_config', it says the default for UsePAM is no.
Considering this, and the issue it caused reported here, perhaps we
should disable it by default in Guix?

What do others think?

Thank you,

Maxim

This bug report was last modified 3 years and 147 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #52533 guix deploy breaks SSH access with a PAM error

GNU bug report logs - #52533
guix deploy breaks SSH access with a PAM error