On Tue, Nov 19, 2002 at 01:24:18PM +1000, mdevin wrote: | One thing interesting though is that if I enter my proper system | password then ldap refuses me once and gives another Password: prompt. | If I then enter the proper system password again, I am allowed to login. | So ssh must check /etc/passwd and /etc/shadow too.
It does if it is setup to do so. You can also control whether it re-prompts or not. To have the system prompt once and check the data in both databases, use options like this : auth sufficient pam_ldap.so auth required pam_unix.so nullok try_first_pass # ^^^^^^^^^^^^^^ -D -- Microsoft has argued that open source is bad for business, but you have to ask, "Whose business? Theirs, or yours?" --Tim O'Reilly http://dman.ddts.net/~dman/
msg14257/pgp00000.pgp
Description: PGP signature
