[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: recent update to pam causing non-root ssh logins to fail?



On Thu, 25 Nov 2004, Tomas Mraz wrote:

> On Thu, 2004-11-25 at 06:53 -0500, Robert P. J. Day wrote:
> >   recently, my fedora core 2 system started rejecting ssh logins to my
> > non-root account on that system.  if, from a remote system, i ssh to
> > root, no problem.  if i ssh to my regular account, the connection is
> > closed.

> >  account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100

> This isn't the culprit.

i'm willing to believe it's not the actual culprit but, as i read it
(not being a PAM expert), it certainly allows uid < 100 logins.
what seems to be missing is some additional rules that still allow uid
greater than 100 logins, right?

> > which clearly is what allows me to ssh in as root, but not as me.
> > should i simply change that value?  or is there a cleaner way to
> > do this?  thanks.

> Have you possibly changed something in /etc/security/limits.conf
> file recently? What is it's contents?

yes.  i added some content to support oracle 10g.  here are the
*total* non-commented contents of the limits.conf file:

*               soft    nproc   2047
*               hard    nproc   16384
*               soft    nofile  1024
*               hard    nofile  65536

it doesn't *look* like any of those should cause a problem.  more
thoughts?

rday


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]