
SSHD doesn't start



Hi all,

I'm just learning about the wonderful OpenLDAP. I want to build an AAAA server (with OpenLDAP, of course) that allows SSH.

At present I have the following test scenario:

	* OpenLDAP server (FreeBSD 7.0)
	* OpenLDAP client (FreeBSD 7.0 also)

When the server is running, I can always perform ssh logins on the client. Perfect.

The problem is that when I shut down the server and then reboot the client, the client system hangs completely when it tries to start the sshd service.

?¿?¿?¿?

If I restart the server, the client runs fine again.
I don't understand the real reason for that behavior, but one thing is clear: the SSH daemon requires the OpenLDAP server to be running. So I think the problem is probably in the pam.d module configuration.


Useful info:

ldapclient# more /etc/pam.d/sshd

#
# $FreeBSD: src/etc/pam.d/sshd,v 1.16 2007/06/10 18:57:20 yar Exp $
#
# PAM configuration for the "sshd" service
#

# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass
auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass


# account
account         required        pam_nologin.so
#account        required        pam_krb5.so
account         required        pam_login_access.so
account         sufficient      /usr/local/lib/pam_ldap.so
account         required        pam_unix.so

# session
#session        optional        pam_ssh.so
session         required       /usr/local/lib/pam_mkhomedir.so debug
#session                required        pam_permit.so

# password
#password sufficient pam_krb5.so no_warn try_first_pass
password sufficient /usr/local/lib/pam_ldap.so use_authok
password required pam_unix.so no_warn try_first_pass


ldapclient# more /etc/nsswitch.conf
#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
#
group:  ldap files
passwd: ldap files
#group: compat
#group_compat: nis
hosts: files dns
#networks: files
#passwd: compat
#passwd_compat: nis
shells: files
#services: compat
#services_compat: nis
protocols: files
rpc: files

--
Thanks,
Jordi Espasa Clofent