nis+ & ssh

secroft at micron.com secroft at micron.com
Mon Apr 11 18:21:44 GMT 2005 

First, take out the [NOTFOUND=return] in your nsswitch.conf file. Then compare your /etc/pam.d/login and system-auth files to below and try it after that.

Scott

/etc/pam.d/login

auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_unix2.so nullok set_secrpc
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_unix2.so
session    required     /lib/security/pam_unix2.so
password    required    /lib/security/pam_unix2.so

/etc/pam.d/system-auth

auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5 shadow
auth        sufficient    /lib/security/pam_unix2.so set_secrpc
auth        required      /lib/security/pam_deny.so
 
account     sufficient      /lib/security/pam_unix.so
account     sufficient      /lib/security/pam_unix2.so set_secrpc
 
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok
password    sufficient    /lib/security/pam_unix2.so set_secrpc
password    required      /lib/security/pam_deny.so
 
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

-----Original Message-----
From: linux-nisplus-bounces+secroft=micron.com at lists.samba.org [mailto:linux-nisplus-bounces+secroft=micron.com at lists.samba.org] On Behalf Of dave t
Sent: Monday, April 11, 2005 12:04 PM
To: linux-nisplus at lists.samba.org
Subject: nis+ & ssh

I am not able to ssh  into a RedHat box and authenticate via nis+. However, 
I'm able to telnet into the box and authenticate through nis+. Any ideas on 
how to configure sshd to authenticate via nis+.

My nsswitch.conf :

passwd:     files nisplus
shadow:     files nisplus
group:      files nisplus
hosts:      files nisplus dns
services:   nisplus [NOTFOUND=return] files
networks:   nisplus [NOTFOUND=return] files
protocols:  nisplus [NOTFOUND=return] files
rpc:        nisplus [NOTFOUND=return] files
ethers:     nisplus [NOTFOUND=return] files
netmasks:   nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
netgroup:  nisplus
publickey:  nisplus
automount:  files nisplus
aliases:    files nisplus


my /etc/pam.d/login:
#%PAM-1.0
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so


my /etc/ssh/sshd_config:
SyslogFacility AUTHPRIV
X11Forwarding yes
Subsystem       sftp    /usr/libexec/openssh/sftp-server

uname -a:
Linux linuxbox 2.4.21-27.0.2.ELsmp

More information about the linux-nisplus mailing list