bin/60196: OpenSSH keyboard-interactive/pam authentication fails to work after the update to 10.3

["david%gutteridge.ca@localhost via gnats" <gnats-admin%NetBSD.org@localhost>]

>Number:         60196
>Category:       bin
>Synopsis:       OpenSSH keyboard-interactive/pam authentication fails to work after the update to 10.3
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Apr 17 02:50:00 +0000 2026
>Originator:     David H. Gutteridge
>Release:        HEAD
>Organization:
TNF
>Environment:
Any release after April 8th, I presume.
>Description:
After upgrading an installation from HEAD dated March 26th to a build
from April 16th, I found that PAM-reliant keyboard authentication no
longer works with OpenSSH 10.3. Restoring the previous 10.2 binaries
(sshd, sshd-session, re-pointing the libssh.so.50 symlink back to
libssh.so.50.0 in /usr/lib/private) brings back the functionality.

Example log entry:

Apr 16 21:22:48 arm64 sshd-session[1839]: SSH: Server;Ltype: Kex;Remote: 192.168.1.2-57584;Enc: chacha20-poly1305%openssh.com@localhost;MAC: <implicit>;Comp: none [preauth]
Apr 16 21:22:48 arm64 sshd-session[1839]: SSH: Server;Ltype: Authname;Remote: 192.168.1.2-57584;Name: tester [preauth]
Apr 16 21:22:48 arm64 sshd-session[1839]: fatal: sshpam_init: called initially with no packet context [preauth]

The "fatal" error message is from auth-pam.c (starting at line 724),
which I see hasn't been touched recently. I took a glance through the
last update that was made, but I didn't notice an immediately obvious
cause.

>How-To-Repeat:
As above, update to a release with OpenSSL 10.3.
>Fix: