[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP sshd problem... Did you ever fix?
- To: "Steven J. Sobol" <sjsobol@JustThe.net>
- Subject: Re: LDAP sshd problem... Did you ever fix?
- From: Brent Kearney <brent@kearneys.ca>
- Date: 08 Oct 2003 21:04:51 -0600
- Cc: openldap-software@OpenLDAP.org
- In-reply-to: <Pine.LNX.4.44.0310082218190.21701-100000@amethyst.nstc.com>
- Organization:
- References: <Pine.LNX.4.44.0310082218190.21701-100000@amethyst.nstc.com>
On Wed, 2003-10-08 at 20:20, Steven J. Sobol wrote:
> Hi there,
>
> I'm seeing a similar problem to the one you posted about a couple months
> ago. I found your post on the PADL pam_ldap archive. I modified the
> system_auth service instead of modifying sshd, but with the same results.
> Did you ever come up with a solution?? Thanks
Hi Steven,
I forget the specifics, but it has been working fine for awhile. Others
have asked me the same question, so I CC'd the list.
Here's my /etc/pam.d/sshd:
auth required pam_stack.so service=system-auth
auth required pam_shells.so
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
Here's my /etc/pam.d/system-auth:
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_ldap.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
nodelay
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_ldap.so
password sufficient /lib/security/pam_unix.so nullok md5 shadow
use_authtok
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
Hope that helps!
Brent