On Fri, Dec 14, 2001 at 10:09:03AM +0000, Miquel van Smoorenburg wrote: > In article <[EMAIL PROTECTED]>, > Brent Kearney <[EMAIL PROTECTED]> wrote: > >I'm running the 'woody' distro on a PC with Linux 2.4.12-ac6. I > >installed the 'nis' debian package, and followed the nis.debian.howto > >that comes with that package. The setup went smoothly, and ypbind was > >able to contact the NIS server. ypcat works. However, NIS users are > >unable to authenticate to the system using SSH. > > Did you setup /etc/nsswitch.conf and /etc/passwd correctly?
My /etc/nsswitch.conf says: passwd: files ldap group: files ldap shadow: files ldap My /etc/passwd ends in: +::0:0::: > >It appears that Redhat had a similar problem, but has a solution. I > >tried copying the pam_pwdb modules from a redhat box (with the libs), > >and subsituting it for pam_unix in /etc/pam.d/ssh and login, but no > >luck. > > Do NOT use pam_pwdb. It's evil and must die. > > Mike. I know nothing about it. Why is pam_pwdb evil? Since it didn't work anyways, I removed it. Now, my /etc/pam.d/ssh looks like this: auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_ldap.so auth required /lib/security/pam_unix_auth.so try_first_pass account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_unix_acct.so password required /lib/security/pam_cracklib.so password sufficient /lib/security/pam_ldap.so password required /lib/security/pam_pwdb.so use_first_pass session required /lib/security/pam_unix_session.so Thanks for your help, Brent
