Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server

Anthony Messina amessina at messinet.com
Wed May 31 18:29:14 UTC 2006


ay0my wrote:
> Hi,
> 
> I have setup a new Fedora 5 Core installation and setup LDAP so that user can authenticate with a Solaris 9 iPlanet LDAP server.
> 
> However, each time I log in using SSH or FTP, using the CORRECT ldap password, it will failed.
> 
> The SSH always failed with a message like "permission denied, please try again:" error.
> 
> The full error is captured below. I have been trying to search the web for resolution but caanot find any. Any help is greatly appreciated.
> 
> bash-3.00$ ssh -v s39427 at sspxz100
> OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to sspxz100 [163.55.55.10] port 22.
> debug1: Connection established.
> debug1: identity file /export/home/s39427/.ssh/identity type -1
> debug1: identity file /export/home/s39427/.ssh/id_rsa type -1
> debug1: identity file /export/home/s39427/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
> debug1: match: OpenSSH_4.3 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_4.2
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'sspnm170' is known and matches the RSA host key.
> debug1: Found key in /export/home/s39427/.ssh/known_hosts:23
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> debug1: Next authentication method: gssapi-with-mic
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> debug1: Next authentication method: publickey
> debug1: Trying private key: /export/home/s39427/.ssh/identity
> debug1: Trying private key: /export/home/s39427/.ssh/id_rsa
> debug1: Trying private key: /export/home/s39427/.ssh/id_dsa
> debug1: Next authentication method: password
> s39427 at sspnm170's password: 
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> Permission denied, please try again.
> s39427 at sspxz100's password: 
> 

can you log in from any other services? does a gui login work? please
describe what you did to configure the ldap logins.

-- 
Anthony
http://messinet.com
http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060531/dcb76d68/attachment-0001.sig>


More information about the fedora-list mailing list