[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problems with User Authentication using PAM & LDAP



Nigel Wade <nmw ion le ac uk> wrote:

> fkroeger iinet net au wrote:
>> Anyone had problems trying to connect via ssh to FC2 server setup for
>> ldap & pam?
>>
>> When I ssh to FC2 it prompts for my password.  I enter the password setup
>> on the ldap server (different server) - It responds with "Access denied"
>> and prompts for my password again.  I enter it a second time & it starts
>> up my ssh session.  This indicates that it is authenticating OK to the
>> ldap server - but always on the second try.  When I enter my local
>> password at the first prompt it lets me in.  So it appears that the first
>> prompt is looking up the local password and the second try it is looking
>> up the ldap entry.
>>
>> The pam.d/sshd file looks OK - it is referencing the system-auth file
>> which is generated from the authconfig command. I have tried swapping
>> around the order of files & ldap in the nsswitch.conf file but to no
>> avail.
>>
>> Any ideas?
>>
>> Regards...  Fred Kroeger
>>
>>
> It could be that PAM isn't passing the password from the initial login
> attempt to LDAP.
> 
> What does the line for pam_ldap.so look like in system-auth?
> 
> These are the relevent lines from my (working) FC1 system:
> 
> auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
> auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
> 
> where use_first_pass tells PAM to use the password which was enterd for
> pam_unix, rather than prompting for another one.


I'm with a similar problem, but when I ssh to FC2, the password is never accept. I
note that 'su' don't work either. The user is accept but the password isn't.

I set my system-auth like Nigel Wade suggested, but the password wasn't accept.


Any other idea ?

Thanks,

Bruno Stella




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]