Re: NIS broken in debian 2.2?
On Fri, Dec 14, 2001 at 10:09:03AM +0000, Miquel van Smoorenburg wrote:
> In article <[🔎] 20011213175358.A28956@kearneys.ca>,
> Brent Kearney <brent@kearneys.ca> wrote:
> >I'm running the 'woody' distro on a PC with Linux 2.4.12-ac6. I
> >installed the 'nis' debian package, and followed the nis.debian.howto
> >that comes with that package. The setup went smoothly, and ypbind was
> >able to contact the NIS server. ypcat works. However, NIS users are
> >unable to authenticate to the system using SSH.
>
> Did you setup /etc/nsswitch.conf and /etc/passwd correctly?
My /etc/nsswitch.conf says:
passwd: files ldap
group: files ldap
shadow: files ldap
My /etc/passwd ends in:
+::0:0:::
> >It appears that Redhat had a similar problem, but has a solution. I
> >tried copying the pam_pwdb modules from a redhat box (with the libs),
> >and subsituting it for pam_unix in /etc/pam.d/ssh and login, but no
> >luck.
>
> Do NOT use pam_pwdb. It's evil and must die.
>
> Mike.
I know nothing about it. Why is pam_pwdb evil? Since it didn't
work anyways, I removed it. Now, my /etc/pam.d/ssh looks like this:
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so use_first_pass
session required /lib/security/pam_unix_session.so
Thanks for your help,
Brent
Reply to: