I have beaten it into submission on the z/OS side - I now get:
FSUM1006 A shell was not specified. Processing continues using the default
shell name.
Warning: Permanently added the RSA host key for IP address '137.70.100.15' to
the list of known hosts.
FOTS1373 Permission denied (publickey,keyboard-interactive).
So clearly, the system generated RSA key is being recognized.
When I look at the Linux logs, I see this in 'warn'
Feb 9 15:12:44 vadnais sshd[23215]: error: PAM: Authentication failure for
sytest from owl0.co.{supressed}
Feb 9 15:12:45 vadnais last message repeated 2 times
So it is reaching the target linux, clearly, and failing there.
My pam module was modified to allow for PAM authentication against RACFLDAP and
looks like this:
#%PAM-1.0
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth required pam_env.so
auth required pam_unix2.so use_first_pass
account sufficient pam_ldap.so
account required pam_unix2.so
account required pam_nologin.so
password sufficient pam_ldap.so
password required pam_pwcheck.so
password required pam_unix2.so use_first_pass use_authtok
session required pam_unix2.so none # trace or debug
session required pam_limits.so
# Enable the following line to get resmgr support for
# SSH sessions (see /usr/share/doc/packages/resmgr/README.SuSE)
#session optional pam_resmgr.so fake_ttyname
Is there something that I am missing here? What do I need to change to enable
the SSH from z/OS to Linux to work and still have ssh authentication
from things like putty work ok.
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
