[Samba] Winbindd and SSH (just disconnects after login)

sambalists sambalists at rineco.com
Fri Nov 21 15:06:50 GMT 2003 

It looks like I've gotten the majority of things working in regards to
Winbind.  Users are being authenticated by the NT4 PDC when connecting to
shares, but I can't seem to get things set up correctly to allow logging in
via SSH(OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f).  It
appears as though I'm successfully authenticated by the PDC, but then the
connection is immediately closed.

(I'm running Mandrake Linux v9.2 and Samba Version 3.0.1pre3.)

[testuser at linuxsmb testuser]$ ssh -lTESTDOM.COM\\testuser linuxsmb
TESTDOM.COM\testuser at linuxsmb's password:
Last login: Fri Nov 21 08:40:09 2003 from linuxsmb.TESTDOM.COM
Connection to linuxsmb closed.
[testuser at linuxsmb testuser]$ ssh -lTESTDOM.COM\\testuser linuxsmb
TESTDOM.COM\testuser at linuxsmb's password:
Last login: Fri Nov 21 08:40:44 2003 from linuxsmb.TESTDOM.COM
Connection to linuxsmb closed.
Here you can see by the "Last Login:" that is displayed, that I am being
authenticated when I try connecting via ssh 2 times back to back:

Here's a smbclient session being authenticated via the NT PDC:
[testuser at linuxsmb testuser]$ smbclient
//linuxsmb/testuser -UTESTDOM.COM\\testuser -c 'ls *.txt'
Password:

  SSD55287.txt                             41401  Fri Nov  7 04:36:57 2003
  New Text Document.txt               A        0  Thu Nov 20 15:08:26 2003

                64860 blocks of size 32768. 63759 blocks available

So it appears that things are working ??

When I try connecting via SSH, no dice.  *sigh*

Here's a snippet from my /var/log/auth.log
Nov 21 08:34:52 linuxsmb pam_winbind[2842]: request failed: Wrong Password,
PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
Nov 21 08:34:52 linuxsmb pam_winbind[2842]: user `TESTDOM.COM\testuser'
denied access (incorrect password)
Nov 21 08:34:52 linuxsmb sshd(pam_unix)[2842]: check pass; user unknown
Nov 21 08:34:52 linuxsmb sshd(pam_unix)[2842]: authentication failure;
logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=linuxsmb.TESTDOM.COM
Nov 21 08:34:57 linuxsmb pam_winbind[2842]: user 'TESTDOM.COM\testuser'
granted acces
Nov 21 08:34:57 linuxsmb pam_winbind[2842]: user 'TESTDOM.COM\testuser'
granted acces
Nov 21 08:34:57 linuxsmb sshd[2842]: Accepted password for
TESTDOM.COM\\testuser from 198.246.197.240 port 32810 ssh2

/etc/pam.d/sshd
auth       required     pam_nologin.so
auth       sufficient   pam_winbind.so
auth       required     pam_unix.so use_first_pass shadow
auth       required     pam_env.so # [1]

account    sufficient   pam_winbind.so
account    required     pam_unix.so use_first_pass

session    sufficient   pam_mkhomedir.so skel=/etc/skel umask=0022
session    required     pam_unix.so
session    optional     pam_lastlog.so # [1]
session    optional     pam_motd.so # [1]
session    optional     pam_mail.so standard noenv # [1]
session    required     pam_limits.so

password   required     pam_unix.so

What am I missing here or doing wrong?  Not sure if any other settings are
relevant, and hate blasting the list with a bunch of useless/unwanted text.

Any help/suggestions/insight would be greatly appreciated

Best Regards,
-=tim

More information about the samba mailing list