Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth
Package: openssh-server
Severity: important
Version: 1:5.5p1-4
On current squeeze when I login using pubkey auth to a machine that uses NIS,
I end up with only the primary group and none of the others that my user is a
member of. I can add the others using newgrp (without any passwords). If I
disable pubkey and login via password (adding -O PubkeyAuthentication=no to
the command line), the rest of the groups appear. None of the involved groups
exist in /etc/group, they all come through NIS.
This may very well be a bug in PAM or NIS, but I can't get a good enough
handle on the problem to be able to tell. I'm using the fact that an ssh
option changes the behavior as justification for filing this against it..
--
Arto Jantunen
Reply to: