[Samba] Advice on: sshd[28182]: PAM pam_set_item: NULL pam handle
passed
Mark Cooke
mark at mmebs.co.uk
Fri Feb 15 05:41:06 GMT 2002
Hi,
Ive got winbind and samba working great (version 2.2.3) on our RH 7.1 box's.
But as we have about 200 users on our domain, we want to restrict ssh
access on our linux box's.
So I created a group on the NT PDC called: Winbind
In this group, Ive only put our developers and us, the sy admins.
In the /etc/ssh/sshd_config, I entered the line: AllowGroups MMEBS+Winbind.
Thus, allowing sshd to only allowing access to the people in that
particular group, whilst not affecting the users who browse the box via
network neighborhood.
But this seemed to work fine for a few hrs and now no one in the Winbind
group can login to ssh.
Looking thru the /var/log/secure, Iam getting the error:
Feb 15 10:21:27 yoda sshd[28182]: PAM pam_set_item: NULL pam handle passed
Feb 15 10:21:27 yoda sshd[28182]: PAM pam_set_item: NULL pam handle passed
Feb 15 10:21:27 yoda sshd[28182]: Failed password for illegal user
MMEBS+mark from 192.168.*.* port 2166
Feb 15 10:21:29 yoda sshd[28182]: Connection closed by 192.168.*.*
If comment out the Allowgroups line in the sshd_config, It works fine.
Also getent passwd or getent group reports back correct as well.
Ive been looking thru google for the past 3 hrs, and cannot seem to find
out what exactually is causing the problem, ie wrong option in a pam config
file?, pam,ssh or samba themselves.
Iam running:
ssh: 2.9p2
pam: 0.75
samba: 2.2.3
If anyone could help, that would be appreciated greatly..
Regards
Mark
-----
----------
Mark Cooke
Internet Operations Technician
MM Group Ltd
Tel: 8141 (Internal)
Tel: (0117) 9168141 (External)
Email: mark at mmebs.co.uk
http://www.mmgroup.co.uk
More information about the samba
mailing list