[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP and SSH authentification

In your /etc/nsswitch.conf

Try changing to these lines:

passwd: files ldap
group: files ldap
shadow: files ldap

Also in pam.d/sshd password section try adding:

password   sufficient   pam_ldap.so

To make much of this easier you might want to install packages something like this for your distro:

Good luck.

On Apr 20, 2010, at 3:15 AM, Michel Dubois wrote:

Hello Everyone,

I'm newbie on OpenLDAP. I build a LDAP server with one user. I can see this user when I did a "getent  passwd" on my client.  This is meaning that my LDAP server is working and my client is connecting on the LDAP server.
I already modify my /etc/pam.d/sshd file on t my client machine like this : 
# auth
auth        required      pam_nologin.so                no_warn
auth        sufficient    pam_opie.so                   no_warn no_fake_prompts
auth        requisite     pam_opieaccess.so             no_warn allow_local
auth        sufficient    /usr/local/lib/pam_ldap.so    no_warn
auth        required      pam_unix.so                   no_warn try_first_pass

# account
account     required      pam_login_access.so
account     required      pam_unix.so

# session
session     required      pam_permit.so

# password
password    required      pam_unix.so                   no_warn try_first_pass

But I can't be connected in shh mode on my client machine with the user login ? And this modification disable my ssh root connection.
What do  I have  to check?

Michel Dubois