Date: Fri, 26 Sep 2003 13:45:04 +0000 From: Miroslav Kes <mkes@ra.rockwell.com> To: freebsd-questions@freebsd.org Subject: problems with pam_ldap - ssh and file attributes Message-ID: <3F7442E0.3080705@ra.rockwell.com>
next in thread | raw e-mail | index | archive | help
Hi, I just suceeded to install and configure pam_ldap authentication on my 5.1Release box. Everything seems to work fine (ftp, telnet, samba, ...) except for ssh. Any attempt to login (as user whose account is defined in the LDAP directory) from a remote host using ssh end up with the error message: "Access denied". For users registered in /etc/passwd the ssh works fine. There is no problem when login via telnet, ftp works fine as well but the ssh doesn't. The /etc/pam.d/sshd looks like: ------------ # auth auth required pam_nologin.so no_warn auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn allow_local auth sufficient pam_ldap.so debug try_first_pass auth required pam_unix.so no_warn try_first_pass # account account required pam_login_access.so account sufficient pam_ldap.so debug account required pam_unix.so # session session required pam_permit.so # password password sufficient pam_ldap.so debug password required pam_unix.so no_warn try_first_pass -------------- Another problem is that commands like ls displays uid and gid as numbers for files owned by LDAP users. On the other hand ftp displays them correctly. Any ideas how to fix that (especially in case of ssh) would be really helpfull. Thanks Mira
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F7442E0.3080705>