[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ldap authentication
Hi all Gurus
I want to do authentication against ldap. my ldap appeared to be set
properly i.e from client i can run ldapsearch with -Y gssapi and it
works fine. when i do getent passwd i do get responce from ldap.but when
i do ssh to the server (enbled in pam) i get the following message in my
logs
Feb 13 16:06:21 medusa05 sshd(pam_unix)[29603]: check pass; user unknown
Feb 13 16:06:21 medusa05 sshd[29603]: PAM-listfile: getgrgid(8509) failed
Feb 13 16:06:21 medusa05 sshd[29603]: pam_krb5afs: authentication
succeeds for `pche066'
Feb 13 16:06:21 medusa05 sshd[29603]: pam_krb5afs: Got 130 extra bytes
in v4 TGT
Feb 13 16:06:24 medusa05 sshd[29603]: Failed password for pche066 from
130.216.35.160 port 33224 ssh2
can anybody hep me in rectifying this problem ? secondly in my ldap
database i have following entry
# pche066, People, cs.auckland.ac.nz
dn: uid=pche066,ou=People,dc=cs,dc=auckland,dc=ac,dc=nz
description: created by ldapa - `me mi my mo, me mo my me'
cn: pche066
objectClass: posixAccount
objectClass: account
objectClass: top
loginShell: /bin/bash
userPassword:: e2tlcmJlcm9zfXBjaGUwNjZARUMuQVVDS0xBTkQuQUMuTlo=
uid: pche066
homeDirectory: /afs/ec.auckland.ac.nz/users/p/c/pche066/unixhome
gecos: pche066
uidNumber: 22091
gidNumber: 8509
well, do i have to change userPassword to make it read as
userPassword: {KERBEROS}pche066@EC.AUCKLAND.AC.NZ
to make ssh work
Thanks a lot for yr help so far
Regards
-Bobby