I just suceeded to install and configure pam_ldap authentication on my 5.1Release box. Everything seems to work fine (ftp, telnet, samba, ...) except for ssh.
Any attempt to login (as user whose account is defined in the LDAP directory) from a remote host using ssh end up with the error message: "Access denied". For users registered in /etc/passwd the ssh works fine. There is no problem when login via telnet, ftp works fine as well but the ssh doesn't.

The /etc/pam.d/sshd looks like:
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_ldap.so debug try_first_pass
auth required pam_unix.so no_warn try_first_pass

# account
account         required        pam_login_access.so
account         sufficient      pam_ldap.so             debug
account         required        pam_unix.so

# session
session         required        pam_permit.so

# password
password sufficient pam_ldap.so debug
password required pam_unix.so no_warn try_first_pass


Another problem is that commands like ls displays uid and gid as numbers for files owned by LDAP users. On the other hand ftp displays them correctly.

Any ideas how to fix that (especially in case of ssh) would be really helpfull.



[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to