[Fedora-directory-users] Problem with solaris & FDS authentication

Igor logastellus at yahoo.com
Tue Aug 30 20:25:40 UTC 2005 

Gary, here's the output from /var/adm/messages:

Aug 30 16:17:38 unknown last message repeated 1 time
Aug 30 16:17:38 unknown sshd[1354]: [ID 800047 auth.error] error: PAM: Authentication
failed for testdba from cnyitsun01.composers.foo.com
Aug 30 16:17:39 unknown sshd[1354]: [ID 316739 auth.error] pam_ldap: no legal
authentication method configured

What does that mean?  I took the pam.conf from the website you gave me and commented out
the lines, like you said:

login   auth requisite        pam_authtok_get.so.1      debug
login   auth required         pam_dhkeys.so.1   debug
#login   auth required         pam_unix_cred.so.1       debug
login   auth required         pam_dial_auth.so.1        debug
login   auth binding          pam_unix_auth.so.1 server_policy  debug
login   auth required         pam_ldap.so.1     debug

Also:

bash-2.03# getent passwd testdba
testdba::10001:7000::/home/testdba:/bin/bash

sshd -d is totally silent.  No output after startup:

bash-2.03#  /usr/local/sbin/sshd -d
debug1: sshd version OpenSSH_3.9p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
Disabling protocol version 1. Could not load host key
debug1: rexec_argv[0]='/usr/local/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.

debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 10





--- "Tay, Gary" <Gary_Tay at platts.com> wrote:

> What is the output of "id testdba" and "getent passwd testdba"?
>  
> To use ldap auth for SSH Server, you must set these lines in /etc/ssh/sshd_config:
>  
> PasswordAuthentication yes
> ChallengeResponseAuthentication yes
> UsePAM yes

Yep, changed that!

Still (from the remote machine):

cnyitsun01/ > ssh testdba at 192.85.86.87
Password: 
LDAP Password: 
Password: 
LDAP Password: 

And it never lets me in.


		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs

More information about the Fedora-directory-users mailing list