Dear all,

I have some quite difficult problems in the configuration of SLES 11 SP2 and SSH when using LDAP (on z/VM with RACF) for user authentication.

That configuration works in principle quite well. Nevertheless, I have the following issues which I don't know how to solve:

1.) In this configuration I now have three components (RACF, LDAP and SLES) that can enforce password checking rules. In LDAP and RACF there are NO rules set yet. I have tried several combinations in the PAM configs but I do not succeed in having one common policy. I want to have a minimum length of 5 characters but I cannot convince SLES to allow this. It always asks for a minimum of 6 characters.

2.) In principle the login via SSH is working very well. I recently encountered a kind of weakness in the configuration: a RACF user that uses its own RSA keys to log into the system. When I do a RACF revoke on that user, it seems that the LDAP check does not take place and the user can still log in. What can be done about that?

Do you have any hints how those problems can be solved? Of course it has to do with PAM configuration, but for the moment it looks like voodoo to me.

Any help would be appreciated. Thank you very much in advance.

--
Best regards
Florian
