* Colin Guthrie ([email protected]) wrote: > 'Twas brillig, and Olivier Thauvin at 27/06/12 09:17 did gyre and gimble: > > * Sander Lepik ([email protected]) wrote: > >> 27.06.2012 11:06, Olivier Thauvin kirjutas: > >>> I was updating remotly my build machine when: > >>> > >>> 192/254: openssh-server > >>> ############################################################################################################################################################# > >>> Migrating sysvinit service 'sshd' to systemd native unit 'sshd.service' > >>> via systemd install rules. > >>> Connection to cauldron64.latmos.ipsl.fr closed by remote host. > >>> Connection to cauldron64.latmos.ipsl.fr closed. > >>> > >>> This must _never_ happend if the update goes wrong you completly loose > >>> the hand on the computer. > >>> > >>> BTW: restarting sshd never shutdown pending ssh connection. > >>> > >>> Please remove or fix this. > >>> > >>> Let's see the state of machine now I was disconnected during urpmi... > >> Check your /etc/ssh/sshd_config - you must use "UsePAM yes" there. > >> https://wiki.mageia.org/en/Mageia_2_Errata#SSH_daemon_issues > > > > We already use PAM in ssh (because ldap)... > > Then check your /etc/pam.d/system-auth (or /etc/pam.d/sshd which should > include system-auth). > > > The system-auth we ship includes: > > -session optional pam_systemd.so
My system-auth is pushed via puppet to setup ldap authentication. So at time I'll add this to sshd pam config file. I wonder how other sys admin does to automated setup of their servers. Thanks. -- Olivier Thauvin CNRS - LATMOS ♖ ♘ ♗ ♕ ♔ ♗ ♘ ♖
pgpt9OBJ9QmqL.pgp
Description: PGP signature
