[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tls, pam_ldap and /etc/passwd



On Thu, 25 Apr 2002, Christopher Walden wrote:
> On Thursday 25 April 2002 12:30, Dan Parker wrote:
> > It's requiring this because pam_ldap isn't talking to your LDAP server
> > over TLS.  Have you setup ssl support in /etc/ldap.conf?
>
> I did not initially have a pam_ldap.conf file.  Based on other information,
> I created one with the following:
>
>    ssl on
>    tls_ciphers  HIGH:MEDIUM:+SSLv2:RSA
>    tls_checkpeer no
>
> However, I don't know for sure if this file is being accessed.  I find it
> curious that it was not installed and is not mentioned in the
> nss_ldap/pam_ldap docs.

Did you have /etc/ldap.conf?  I believe on Red Hat /etc/ldap.conf is
the configuration file for pam_ldap and nss_ldap.  On Debian it is split
between /etc/libnss-ldap.conf and /etc/pam_ldap.conf.

Where did you find information about tls_ciphers and tls_checkpeer?
I've never seen those before...

Dan