I am using PAM + AFS to authenticate the user, i have given persmissions to everybody read the .ssh directory of the users home directory, but ssh complains with:
pam_afs[25129]: AFS Won't use illegal password for user walter How could i resolve it ? Thanks Walter On Thu, 2007-03-08 at 10:20 -0500, Jim Rees wrote: > Alexander Al wrote: > > I'll tell the user : "can't" (because he is connecting from outside.) > > That's the wrong answer. This should go in a FAQ somewhere. You just need > to make the public key world readable. That's difficult because ssh wants > to put public and private keys both in the same directory, and afs puts the > same acls on all files in a directory. But with creative use of symlinks it > can certainly be done. > > Here is how I do it. It's not the only way, maybe not the best way, but it > works for me. > > % cd .ssh > % ls -l > total 17 > -rw-r--r-- 1 rees staff 828 Nov 16 2005 authorized_keys > -rw-r--r-- 1 rees staff 62 Dec 18 17:08 check-dups > lrwxr-xr-x 1 rees wheel 14 Jan 1 1999 config -> private/config > -rw-r--r-- 1 rees staff 52 Jan 10 2006 config-um > -rw-r--r-- 1 rees wheel 31 Jan 1 1999 environment > lrwxr-xr-x 1 rees wheel 14 Oct 13 2000 id_dsa -> private/id_dsa > -rw-r--r-- 1 rees wheel 604 Oct 13 2000 id_dsa.pub > lrwxr-xr-x 1 rees wheel 14 Jun 30 2003 id_rsa -> private/id_rsa > -rw-r--r-- 1 rees staff 224 Jun 30 2003 id_rsa.pub > lrwxr-xr-x 1 rees wheel 16 Mar 7 1997 identity -> private/identity > -rw-r--r-- 1 rees wheel 333 Feb 8 1999 identity.pub > lrwxr-xr-x 1 rees wheel 19 Mar 7 1997 known_hosts -> > private/known_hosts > drwxr-xr-x 2 rees wheel 2048 Mar 5 12:16 private > lrwxr-xr-x 1 rees wheel 19 Mar 7 1997 random_seed -> > private/random_seed > _______________________________________________ > OpenAFS-info mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-info -- _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
