[Samba] samba/PAM/winbind/ssh

Matt Herzog msh at blisses.org
Tue Sep 12 21:50:02 GMT 2006

I have the winbind login working on FC5 but now logins to local accounts
cannot authenticate.

My config files are here:


Again, if I try to ssh in as a user that exists only as a local account on the remote 
host, I am rejected. User msh is -not- a AD account and only exists on the
FC5 server "province"

>From the /var/log/secure file:

Sep 12 16:58:29 province sshd[11521]: reverse mapping checking getaddrinfo
for zogness.cinteractive.com failed - POSSIBLE BREAK-IN ATTEMPT!
Sep 12 16:58:33 province sshd[11521]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=msh
Sep 12 16:58:35 province sshd[11521]: Failed password for msh from port 58069 ssh2
Sep 12 16:58:39 province sshd[11521]: pam_succeed_if(sshd:account):
requirement "uid < 100" not met by user "msh"
Sep 12 16:58:39 province sshd[11521]: fatal: Access denied for user msh by
PAM account configuration

Announcing your plans is a good way to hear the gods' laughter.

More information about the samba mailing list