Hello All,

I have a CentOS 6 system that is running OpenSSH version 7.6p1 built with OpenSSL 1.0.2o. The OpenSSL is built with FIPS module 2.0.16. I have a python based pluggable authenticataion module configured using pam_python 1.0.6 and Python 2.7.10.

When I use a ssh client to login to this system, the connection is immediately closed by the system. Checking the /var/log/secure I see following error:

sshd[11255]: fatal: key_demote: error in libcrypto

Checking OpenSSH code I think this is happening when the server is demoting private keys to public keys. The problem I have tracked down is because of an import in the PAM python module which eventually imports the _ssl module. A dummy PAM python module
with just this import reproduces the issue.

Here is the dummy PAM python module that I am using to repro the issue:

-----
#!/opt/bin/python

import _ssl

def pam_sm_authenticate(pamh, flags, argv):
return pamh.PAM_SUCCESS

def pam_sm_setcred(pamh, flags, argv):
return pamh.PAM_SUCCESS

def pam_sm_open_session(pamh, flags, argv):
return pamh.PAM_SUCCESS

def pam_sm_close_session(pamh, flags, argv):
return pamh.PAM_SUCCESS

def pam_sm_acct_mgmt(pamh, flags, argv):
return pamh.PAM_SUCCESS

-----

Any help is very much appreciated in resolving or understanding this issue.

Thanks and Regards
Arshad

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)