[Samba] CVS over SSH

kenneth.westelinck at pandora.be kenneth.westelinck at pandora.be
Fri Jun 6 06:50:29 GMT 2003 

This is my pam config for ssh:
#%PAM-1.0
auth       required     pam_nologin.so
auth       sufficient   pam_winbind.so
auth       required     pam_unix.so use_first_pass shadow
auth       required     pam_env.so # [1]

account    sufficient   pam_winbind.so
account    required     pam_unix.so use_first_pass

session    sufficient   pam_mkhomedir.so skel=/etc/skel umask=0022
session    required     pam_unix.so
session    optional     pam_lastlog.so # [1]
session    optional     pam_motd.so # [1]
session    optional     pam_mail.so standard noenv # [1]
session    required     pam_limits.so

password   required     pam_unix.so

Which is working for me. I can login from any client on the server using ssh, with UIDs known on the server and UIDs known in the PDC.

What does auth.log say when you try to login? You can increase loging for winbind by putting this in your pam:
auth       sufficient   pam_winbind.so debug


------------------------
 Christophe Reynders <christophereynders at yahoo.com> wrote:
------------------------
kenneth westelinck  wrote:
>What does wbinfo -u, wbinfo -g, getent passwd, getent group say?
>
>
>This all works.  wbinfo -g -u shows me the groups and the users from the PDC. But not all of them. The list is limited. I don't know why but that isn't a big problem I think because when I run the command getent group and getent passwd, it shows me all the users. 
>
>I am able to login through ssh via a windows user on the server himself. So here does winbind his job. I can generate a public and private key on the server. But when I want to login with a windows or unix user into the server via a windows client it refuses the connection. I think that the problem may be in the pam ssh module. Do you use the same pam ssh module or do you have a different version. With my pam file it would be able to allow ssh login for windows users but it doesn't. 
>
>
>----- Original Message ----- 
>From: "Christophe Reynders" 
>To: 
>Sent: Thursday, June 05, 2003 5:22 PM
>Subject: [Samba] CVS over SSH
>
>
>> Hi there
>>
>> I'm running a samba cvs server in a windows domain with a W2K PDC. I want
>to authenticate windows users through ssh. I'm able to login with a windows
>user to the server on the server himself but when I want to login via a
>windows client It doesn't work. The connection is refused. Could it be
>something mis configured in my ssh pam module.
>> This is my pam ssh module
>> PAM configuration file for sshd
>> auth required /lib/security/pam_nologin.so
>> auth sufficient /lib/security/pam_winbind.so
>> auth required /lib/security/pam_pwdb.so shadow nullok
>>
>> account sufficient /lib/security/pam_winbind.so
>> account required /lib/security/pam_pwdb.so
>>
>> session required /lib/security/pam_pwdb.so
>> session optional /lib/security/pam_console.so
>>
>> password required /lib/security/pam_cracklib.so
>> password required /lib/security/pam_pwdb.so nullok use_authtok
>shadow
>> Could anybody please help me out, I would appreciate it
>> Thanks in advance
>> Regards
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> Free online calendar with sync to Outlook(TM).
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions: http://lists.samba.org/mailman/listinfo/samba
>>
>>
>
>
>
>
>---------------------------------
>Do you Yahoo!?
>Free online calendar with sync to Outlook(TM).
>
>kenneth westelinck &lt;kenneth.westelinck at pandora.be&gt; wrote:
>
>What does wbinfo -u, wbinfo -g, getent passwd, getent group say?
>This all works. wbinfo-g -ushows me the groups and the users from the PDC. But not all of them. Thelist is limited. I don't know why but that isn't a big problem I think becausewhen I run the command getent group and getent passwd,it shows me all the users.
>I am able to login through ssh via a windows user on the server himself. So here does winbind his job. I can generate a public and private key on the server. But when I want to login with a windows or unixuserinto the server via a windows client it refuses the connection. I think that the problem may be in the pam ssh module. Do you use the same pam ssh module or do you have a different version. With my pam fileit would be able to allow ssh login for windows users but it doesn't. 
>----- Original Message ----- From: "Christophe Reynders" To: Sent: Thursday, June 05, 2003 5:22 PMSubject: [Samba] CVS over SSH&gt; Hi there&gt;&gt; I'm running a samba cvs server in a windows domain with a W2K PDC. I wantto authenticate windows users through ssh. I'm able to login with a windowsuser to the server on the server himself but when I want to login via awindows client It doesn't work. The connection is refused. Could it besomething mis configured in my ssh pam module.&gt; This is my pam ssh module&gt; PAM configuration file for sshd&gt; auth required /lib/security/pam_nologin.so&gt; auth sufficient /lib/security/pam_winbind.so&gt; auth required /lib/security/pam_pwdb.so shadow nullok&gt;&gt; account sufficient /lib/security/pam_winbind.so&gt; account required /lib/security/pam_pwdb.so&gt;&gt; session required /lib/securi
> ty/pam_pwdb.so&gt; session optional /lib/security/pam_console.so&gt;&gt; password required /lib/security/pam_cracklib.so&gt; password required /lib/security/pam_pwdb.so nullok use_authtokshadow&gt; Could anybody please help me out, I would appreciate it&gt; Thanks in advance&gt; Regards&gt;&gt;&gt; ---------------------------------&gt; Do you Yahoo!?&gt; Free online calendar with sync to Outlook(TM).&gt; -- &gt; To unsubscribe from this list go to the following URL and read the&gt; instructions: http://lists.samba.org/mailman/listinfo/samba&gt;&gt;
>Do you Yahoo!?
>Free online calendar with sync to Outlook(TM).

More information about the samba mailing list