Re: pam-pwdb + NIS + ssh
On Fri, Apr 23, 1999 at 07:49:17PM -0400, Ben Collins wrote:
> On Fri, Apr 23, 1999 at 04:42:45PM -0700, Max wrote:
> > I noticed that the latest version of ssh in potato introduced PAM
> > support and totally screwed up ssh for me. It created an
> > /etc/pam.d/ssh file with the following contents:
> >
> > #%PAM-1.0
> > auth required pam_pwdb.so shadow
> > auth required pam_nologin.so
> > account required pam_pwdb.so
> > password required pam_cracklib.so
> > password required pam_pwdb.so shadow nullok use_authtok
> > session required pam_pwdb.so
Better yet, change this to:
auth required pam_unix_auth.so
auth required pam_nologin.so
account required pam_unix_acct.so
password required pam_cracklib.so
password required pam_unix_passwd.so use_authtok
session required pam_unix_session.so
This will (should) bypass pwdb alltogether and resort to the
/etc/nsswitch.conf for NS sources.
--
----- -- - -------- --------- ---- ------- ----- - - --- --------
Ben Collins <bcollins@debian.org> Debian GNU/Linux
OpenLDAP Dev - bcollins@openldap.org The Choice of the GNU Generation
------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --
Reply to: