Re: Solved: Problem loggin in via ssh AND ldap

To: Heinrich Rebehn <rebehn@ant.uni-bremen.de>
Cc: debian-amd64@lists.debian.org
Subject: Re: Solved: Problem loggin in via ssh AND ldap
From: Heinrich Rebehn <rebehn@ant.uni-bremen.de>
Date: Wed, 23 Nov 2005 09:38:46 +0100
Message-id: <[🔎] 43842A96.4050406@ant.uni-bremen.de>
In-reply-to: <[🔎] 438310C0.3040001@ant.uni-bremen.de>
References: <[🔎] 4382F6A8.4060502@ant.uni-bremen.de> <[🔎] 438310C0.3040001@ant.uni-bremen.de>

Heinrich Rebehn wrote:
> Heinrich Rebehn wrote:
> 
>>Hi all,
>>
>>this is my first post to this list. I searched the archives for this
>>problem but could not find anything.
>>
>>I installed Debian Sarge on an Athlon64 3000+ from amd64.debian.net.
>>I configured the machine to use ldap for authentication and
>>automounting. This setup is working fine on our i386 machines running Sarge.
>>Relevant packages installed:
>>autofs-ldap    4.1.3+4.1.4bet LDAP map support for autofs
>>ldap-utils     2.2.23-8       OpenLDAP utilities
>>libldap-2.2-7  2.2.23-8       OpenLDAP libraries
>>libldap2       2.1.30-8       OpenLDAP libraries
>>libnss-ldap    238-1          NSS module for using LDAP as a naminservic
>>ssh            3.8.1p1-8.sarg Secure rlogin/rsh/rcp replacement(OpenSSH)
>>
>>The following things work:
>>- login as root (localuser) or rebehn (ldap user) via console
>>- login as root via ssh
>>
>>The following does *not* work:
>>- login as rebehn via ssh
>>
>>/var/log/auth.log shows:
>>
>>sshd[17022]: Illegal user rebehn from ::ffff:134.102.176.10
>>sshd[17022]: (pam_unix) check pass; user unknown
>>sshd[17022]: (pam_unix) authentication failure; logname= uid=0 euid=0
>>tty=ssh ruser= rhost=bremerhaven.ant.uni-bremen.de
>>sshd[17022]: error: PAM: User not known to the underlying authentication
>>module for illegal user rebehn from bremerhaven.ant.uni-bremen.de
>>sshd[17022]: Failed keyboard-interactive/pam for illegal user rebehn
>>from ::ffff:134.102.176.10 port 57494 ssh2
>>
>>getent is working:
>>
>>root@amd64 [~] # getent passwd rebehn
>>rebehn:<crypted pwd>:232:1020:Heinrich Rebehn:/home/rebehn:/bin/bash
>>
>>
>>How does all this fit together? Why do getent and login via console work
>>whereas login via ssh does not?
>>It cannot be a ldap problem because i can login as rebehn via console.
>>It also cannot be a ssh problem because i can login as root via ssh.
>>
>>I did not change any of the pam config files.
>>
>>Can anyone help? Need more info?
>>
> 
> 
> Problem solved. A simple reboot did the trick. Normally a reboot after
> system changes is only rquired with another widely used OS ;-)
> 
> Nevertheless i am happy now :-)
> 
> Sorry for the noise,
> 
> Heinrich
> 
> 
Update: I was able to reproduce the problem with a new install.
After installing libnss-ldap and configuring /etc/nsswitch.com to use
ldap, one has to do a 'pkill -HUP sshd'.
Just for the records.

--Heinrich

Reply to:

References:
- Problem loggin in via ssh AND ldap
  - From: Heinrich Rebehn <rebehn@ant.uni-bremen.de>
- Solved: Problem loggin in via ssh AND ldap
  - From: Heinrich Rebehn <rebehn@ant.uni-bremen.de>

Prev by Date: Re: /proc/stat on amd64 explanation?
Next by Date: Re: Suggestions for a new AMD64 system
Previous by thread: Solved: Problem loggin in via ssh AND ldap
Next by thread: nvidia: Unknown symbol register_ioctl32_conversion
Index(es):
- Date
- Thread