Re: Authenticating SSH from a separate LDAP server?
Hi,
> I'd like to run a separate SSH daemon on a new port and have it (the new ssh
> daemon, nothing else) authenticate out of an OpenLDAP server running on the
> same box, and not from the RSA key server. I've tried including a .ldaprc
> file in the user who runs the ssh daemon's home dir but the daemon doesn't
> seem to pick up on it.
> Is anyone else doing something similar, and if you are, can you please
> explain how?
No, I haven't done something like this, but this is all up to pam-ldap and
nss-ldap, and thus I would advise you to look there.
Apart from that, I think you'll have to get the new ssh daemon to use a
different pam file from the other one (something like /etc/pam.d/ssh-p333) and
in that file you must point pam-ldap to another config file.
Hmm, you could test some kind of stackable modules to do the same in one pam.d
file.
That only leaves you with the nsswitch.
tarjei
>
> --
> John
Mob: 920 63 413
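
The layout suggested in the reply above, written out as an added example (not configuration posted by anyone in the thread). Assumptions: a portable OpenSSH build with `UsePAM`, which by default takes its PAM service name from the program name, so the second daemon is started through a symlink named `ssh-p333`; PADL pam_ldap, whose `config=` module argument selects an alternate configuration file; port 333, the file paths and the base DN are constructed placeholders.

```conf
# ---- /etc/ssh/sshd_config-p333 : read only by the second daemon ----
# Start it as:  /usr/sbin/ssh-p333 -f /etc/ssh/sshd_config-p333
# /usr/sbin/ssh-p333 is a symlink to the sshd binary (assumed path), so the
# daemon's program name, and with it the PAM service name, is "ssh-p333".
Port 333
PidFile /var/run/ssh-p333.pid
UsePAM yes
PasswordAuthentication yes

# ---- /etc/pam.d/ssh-p333 : PAM stack used only by that daemon ----
# Every pam_ldap line names the dedicated config file, so the default
# ldap.conf used by other services is never consulted from this stack.
auth     required  pam_ldap.so  config=/etc/ldap-ssh-p333.conf
account  required  pam_ldap.so  config=/etc/ldap-ssh-p333.conf
session  required  pam_unix.so

# ---- /etc/ldap-ssh-p333.conf : pam_ldap settings for this service ----
# Points at the OpenLDAP server on the same box. Base DN is a placeholder.
uri ldap://127.0.0.1/
base dc=example,dc=com
ldap_version 3
pam_login_attribute uid
```

PAM only covers the authentication, account and session checks. The user's uid, home directory and shell are still resolved through `/etc/nsswitch.conf`, which is system-wide and cannot be scoped to one daemon this way.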