nis+ & ssh
dave t
d_dave at hotmail.com
Wed Apr 13 23:42:58 GMT 2005
I made the edits to /etc/pam.d/login to look like the file you gave me and
it disabled my telnet/nis+ login. I had to revert to my orignal login file.
The system-auth made no difference either w/ ssh logins.
Also, in order for telnet to authenticate against nis+ i had to turn off
nscd.
dave
>From: secroft at micron.com
>To: <d_dave at hotmail.com>, <linux-nisplus at lists.samba.org>
>Subject: RE: nis+ & ssh
>Date: Mon, 11 Apr 2005 12:21:44 -0600
>
>First, take out the [NOTFOUND=return] in your nsswitch.conf file. Then
>compare your /etc/pam.d/login and system-auth files to below and try it
>after that.
>
>Scott
>
>/etc/pam.d/login
>
>auth required /lib/security/pam_securetty.so
>auth required /lib/security/pam_unix2.so nullok set_secrpc
>auth required /lib/security/pam_nologin.so
>account required /lib/security/pam_unix2.so
>session required /lib/security/pam_unix2.so
>password required /lib/security/pam_unix2.so
>
>/etc/pam.d/system-auth
>
>auth required /lib/security/pam_env.so
>auth sufficient /lib/security/pam_unix.so likeauth nullok md5
>shadow
>auth sufficient /lib/security/pam_unix2.so set_secrpc
>auth required /lib/security/pam_deny.so
>
>account sufficient /lib/security/pam_unix.so
>account sufficient /lib/security/pam_unix2.so set_secrpc
>
>password required /lib/security/pam_cracklib.so retry=3
>password sufficient /lib/security/pam_unix.so nullok use_authtok
>password sufficient /lib/security/pam_unix2.so set_secrpc
>password required /lib/security/pam_deny.so
>
>session required /lib/security/pam_limits.so
>session required /lib/security/pam_unix.so
>
>-----Original Message-----
>From: linux-nisplus-bounces+secroft=micron.com at lists.samba.org
>[mailto:linux-nisplus-bounces+secroft=micron.com at lists.samba.org] On Behalf
>Of dave t
>Sent: Monday, April 11, 2005 12:04 PM
>To: linux-nisplus at lists.samba.org
>Subject: nis+ & ssh
>
>I am not able to ssh into a RedHat box and authenticate via nis+. However,
>I'm able to telnet into the box and authenticate through nis+. Any ideas on
>how to configure sshd to authenticate via nis+.
>
>My nsswitch.conf :
>
>passwd: files nisplus
>shadow: files nisplus
>group: files nisplus
>hosts: files nisplus dns
>services: nisplus [NOTFOUND=return] files
>networks: nisplus [NOTFOUND=return] files
>protocols: nisplus [NOTFOUND=return] files
>rpc: nisplus [NOTFOUND=return] files
>ethers: nisplus [NOTFOUND=return] files
>netmasks: nisplus [NOTFOUND=return] files
>bootparams: nisplus [NOTFOUND=return] files
>netgroup: nisplus
>publickey: nisplus
>automount: files nisplus
>aliases: files nisplus
>
>
>my /etc/pam.d/login:
>#%PAM-1.0
>auth required pam_securetty.so
>auth required pam_stack.so service=system-auth
>auth required pam_nologin.so
>account required pam_stack.so service=system-auth
>password required pam_stack.so service=system-auth
>session required pam_stack.so service=system-auth
>session optional pam_console.so
>
>
>my /etc/ssh/sshd_config:
>SyslogFacility AUTHPRIV
>X11Forwarding yes
>Subsystem sftp /usr/libexec/openssh/sftp-server
>
>uname -a:
>Linux linuxbox 2.4.21-27.0.2.ELsmp
>
>
More information about the linux-nisplus
mailing list