On Sun, Jun 20, 2004 at 02:52:35PM +0400, Alexey Zagarin wrote: > Hello! > > Does anybody know, why sshd call getpwnam() even if user is > authenticating via PAM? This broke remote authentication (RADIUS, > TACACS+) when user doesn't exist in local password database.
The user must exist in some sort of directory service in order to log in. Services like krb5 (possibly RADIUS (I can't be bothered to look it up)) don't have fields for assigning critical user information like uid, gid, home directory, shell, .... What you are interested is nsswitch against a remote directory service like NIS or LDAP. -gordon
pgp1Cwi4DC2EB.pgp
Description: PGP signature
