nss-mysql-users

[Nss-mysql-users] Re: nss-mysql +sshd +pam


From: Phillip Cockrell
Subject: [Nss-mysql-users] Re: nss-mysql +sshd +pam
Date: Tue, 24 Feb 2004 11:37:42 -0600

On Tue, 2004-02-24 at 11:16, Andreas J. Guelzow wrote:
> Hi,
> 
> I notice a few things:
> 
> You are using pam_mkhomedir.so. When you are trying to access the
> computer via ssh does your home directory in fact exist?

No, the home directory does not exist, but in the
/etc/nss-mysql/nss-mysql.conf I have it set as follows:

---snip---
# homedir_column: column containing the users'homedir
# If you don't have such a column, you can use something like
user.homedir_column = concat('/home/',login);
---snip---

> 
> #%PAM-1.0 /etc/pam.d/sshd
> my file is called /etc/pam.d/ssh. You are sure that's the right name?
> 
Pretty sure, that's what the OS (Gentoo) had in there.

> In the pam configuration for ssh you are using pam_shells.so, but you are
> not checking for an allowable shell in the regular login. Does the
> account you are using have a shell with an entry in /etc/shells ?

No, but I have my nss-mysql.conf configured to use /bin/bash, see the
following snippet:

---snip---
# shell_column: column containing the users'shell
# If you don't have such a column, you can use something like
user.shell_column = "/bin/bash";
---snip---

> Do you get any log information in /var/log/auth.log (or wherever you are
> sending auth info to?)?
> 
I do see the following in my general log:

Feb 24 11:33:29 [sshd] Illegal user testdcop from 10.1.100.117
Feb 24 11:33:29 [sshd(pam_unix)] check pass; user unknown
Feb 24 11:33:29 [sshd(pam_unix)] authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=office100-117.sat.rackspace.com
Feb 24 11:33:29 [sshd] Failed none for illegal user testdcop from 10.1.100.117 port 36592 ssh2
Feb 24 11:33:35 [sshd(pam_unix)] check pass; user unknown

Thanks in advance!

Phil
> Andreas
> 
> On Tue, 2004-02-24 at 08:45, Phillip Cockrell wrote:
> > Ok, I have configured my /etc/nss-mysql/nss-mysql.conf and
> > /etc/nss-mysql/nss-mysql-root.conf. I have also configured my
> > /etc/pam.d/ssh correctly as far as I can tell... However, it is still
> > not working.
> > 
> > Here are my pam.d configurations:
> > 
> > #%PAM-1.0 /etc/pam.d/system-auth
> >  
> > auth       required     /lib/security/pam_env.so
> > auth       sufficient   /lib/security/pam_unix.so likeauth nullok nodelay
> > auth       required     /lib/security/pam_deny.so
> >  
> > account    required     /lib/security/pam_unix.so
> >  
> > password   required     /lib/security/pam_cracklib.so retry=3
> > password   sufficient   /lib/security/pam_unix.so nullok md5 shadow use_authtok
> > password   required     /lib/security/pam_deny.so
> >  
> > session    required     /lib/security/pam_limits.so
> > session    required     /lib/security/pam_unix.so
> > session    optional     /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
> > 
> > #%PAM-1.0 /etc/pam.d/login
> >  
> > auth       required     /lib/security/pam_securetty.so
> > auth       required     /lib/security/pam_stack.so service=system-auth
> > auth       required     /lib/security/pam_nologin.so
> >  
> > account    required     /lib/security/pam_stack.so service=system-auth
> >  
> > password   required     /lib/security/pam_stack.so service=system-auth
> >  
> > session    required     /lib/security/pam_stack.so service=system-auth
> > session    optional     /lib/security/pam_console.so
> > 
> > #%PAM-1.0 /etc/pam.d/sshd
> >  
> > auth       required     pam_stack.so service=system-auth
> > auth       required     pam_shells.so
> > auth       required     pam_nologin.so
> >  
> > 
> > account    required     pam_stack.so service=system-auth
> >  
> > password   required     pam_stack.so service=system-auth
> >  
> > session    required     pam_stack.so service=system-auth
> > 
> > As always, any help would be GREATLY appreciated.
> > 
> > Thanks,
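
The checks raised in this exchange (does the account resolve at all, is its shell listed in /etc/shells as pam_shells requires, does the home directory exist) can be run in one pass. This is an added shell example, not part of the original messages; the function names are hypothetical, and the entry checked is whatever `getent passwd` returns through NSS.

```sh
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# lookup_entry USER: print the passwd entry as NSS resolves it
# (flat files, nss-mysql, ...). Empty output means the lookup failed.
lookup_entry() {
    getent passwd "$1"
}

# entry_field ENTRY N: print colon-separated field N of a passwd(5) entry.
entry_field() {
    printf '%s\n' "$1" | cut -d: -f"$2"
}

# shell_allowed SHELL [SHELLS_FILE]: succeed only if SHELL is listed,
# which is the condition pam_shells enforces.
shell_allowed() {
    [ -n "$1" ] || return 1
    [ -r "${2:-/etc/shells}" ] || return 2
    grep -v '^#' "${2:-/etc/shells}" | grep -Fxq -- "$1"
}

# check_entry ENTRY [SHELLS_FILE]: print findings; non-zero status when
# the account is unresolved or its shell is not listed.
check_entry() {
    if [ -z "$1" ]; then
        echo "nss: no passwd entry resolved for this user"
        return 1
    fi
    home=$(entry_field "$1" 6)
    shell=$(entry_field "$1" 7)
    rc=0
    if shell_allowed "$shell" "${2:-/etc/shells}"; then
        echo "shell: $shell is listed"
    else
        echo "shell: $shell is not listed, pam_shells will reject it"
        rc=1
    fi
    if [ -d "$home" ]; then
        echo "home: $home exists"
    else
        echo "home: $home is missing, pam_mkhomedir has to create it"
    fi
    return $rc
}

# Usage: sh check-account.sh USER
if [ -n "${1:-}" ]; then check_entry "$(lookup_entry "$1")"; fi
```

An empty result from the lookup step means the remaining checks never come into play, so that finding is reported first and on its own.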
