[Samba] Need PAM when SSH logins die after winbind added to Solaris
8 nsswitch.conf?
William Enestvedt
William.Enestvedt at jwu.edu
Thu Mar 3 18:16:50 GMT 2005
I compiled Samba 3.0.12pre1 and enabled winbind in the
/etc/nsswitch.conf file on my Solaris 8 system, and now SSH connections
time out and close after the "LoginTimeout" value in sshd_config despite
successful interactive keyboard login.
However, I don't wish to allow domain logins for SSH if I don't have
to (since no one really needs a shell on my server). Can anyone tell me
whether I _must_ re-compile Samba with "--enable-pam" and configure
/etc/pam.conf, or whether I can set sshd to ignore this? If I enable
Kerberos for SSH logins will I then side-step this problem?
I have MIT Kerberos 1.4 getting tickets from my Active Directory
server; I compiled Samba with the flags "--with-included-popt
--with-winbind --with-ads --with-ldap --with-krb5=/usr/local/kerberos"
to the `configure` command.
Thanks.
-wde
--
Will Enestvedt
UNIX System Administrator
Johnson & Wales University -- Providence, RI
More information about the samba
mailing list