Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 27 Mar 2008 09:51:27 -0500
From:      Paul Schmehl <pauls@utdallas.edu>
To:        Frank Bonnet <f.bonnet@esiee.fr>
Cc:        bseklecki@collaborativefusion.com, freebsd-questions@freebsd.org
Subject:   Re: Working /etc/pam.d/sshd file with pam_ldap  6.3 or 7.0 ?
Message-ID:  <167009639942035F5144CD13@utd65257.utdallas.edu>
In-Reply-To: <47EB7436.3010901@esiee.fr>
References:  <47E90D72.3060909@esiee.fr> <1206456103.18298.88.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> <47E91ACF.1040804@esiee.fr> <1206459218.18298.100.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> <47EA6563.3030109@esiee.fr> <415463677EAE17931859BFF9@[10.110.3.94]> <47EB7436.3010901@esiee.fr>
next in thread | previous in thread | raw e-mail | index | archive | help 
--On Thursday, March 27, 2008 11:17:26 +0100 Frank Bonnet <f.bonnet@esiee.fr> 
wrote:
>>
>> Setting up pam ldap ssh access on a FreeBSD box takes less than five
>> minutes *after* installing the correct ports.
>>
>> 1) net/openldap-client
>> 2) security/pam_ldap
>>
>> Then configure ldap.conf (in /usr/local/etc/) which is quite simple:
>> host {your ldap server(s) either hostname(s) or ip(s) in a
>> space-separate list
>> dc (your dn)
>>
>> Then configure /etc/pam.d/sshd thus:
>> auth            sufficient      /usr/local/lib/pam_ldap.so      no_warn
>> try_first_pass
>>
>> That's all that is needed.
>>
>
> That's what I did , I use nss_ldap and pam_ldap since a long time now
> on many platforms and that is what do not work
>

Time to troubleshoot.  Is the ldap server reachable?  Is your search base 
correct?  Is a firewall blocking you?  Is the ldap server running on a 
non-standard port?

Something is wrong, but if you configured it the same way as I described, then 
the problem lies elsewhere.

>
>
>> If it doesn't work, fire up wireshark (port) or tcpdump (base) and see
>> what the problem is.
>
> at the very last extremity why not ?
>

I'm afraid I don't follow you here.

-- 
Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?167009639942035F5144CD13>