--On Thursday, March 27, 2008 11:17:26 +0100 Frank Bonnet <[EMAIL PROTECTED]>
wrote:
>> Setting up pam ldap ssh access on a FreeBSD box takes less than five
>> minutes *after* installing the correct ports.
>> 1) net/openldap-client
>> 2) security/pam_ldap
>> Then configure ldap.conf (in /usr/local/etc/) which is quite simple:
>> host {your ldap server(s) either hostname(s) or ip(s) in a
>> space-separated list}
>> dc (your dn)
>> Then configure /etc/pam.d/sshd thus:
>> auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass
>> That's all that is needed.
>
> That's what I did. I have used nss_ldap and pam_ldap for a long time now
> on many platforms, and that is what does not work.

Time to troubleshoot. Is the ldap server reachable? Is your search base
correct? Is a firewall blocking you? Is the ldap server running on a
non-standard port?
Something is wrong, but if you configured it the same way as I described, then
the problem lies elsewhere.

>> If it doesn't work, fire up wireshark (port) or tcpdump (base) and see
>> what the problem is.
>
> At the very last extremity, why not?

I'm afraid I don't follow you here.
--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
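
The troubleshooting questions raised in the thread (server reachable, search base set, firewall, non-standard port) can be checked before reaching for a packet capture. The script below is an added example, not part of the original messages or of pam_ldap itself; it assumes the search base is given with the `base` directive and a non-default port with `port` in ldap.conf, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks for the pam_ldap + sshd setup in the thread.
# Assumption: ldap.conf uses the directives host, base and (optionally) port.

# Print the value of the first active "KEY value..." directive in FILE.
conf_get() {  # conf_get KEY FILE
    awk -v k="$1" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$2"
}

# Succeed if FILE has an uncommented auth line that loads pam_ldap.so.
pam_has_ldap() {  # pam_has_ldap FILE
    awk '$1 == "auth" && $0 ~ /pam_ldap\.so/ { found = 1 } END { exit !found }' "$1"
}

# Run every check, report each failure, return non-zero if any failed.
preflight() {  # preflight LDAP_CONF PAM_FILE
    conf=$1 pam=$2 rc=0
    hosts=$(conf_get host "$conf")
    base=$(conf_get base "$conf")
    port=$(conf_get port "$conf")
    [ -n "$hosts" ] || { echo "FAIL: no host directive in $conf"; rc=1; }
    [ -n "$base" ] || { echo "FAIL: no search base directive in $conf"; rc=1; }
    pam_has_ldap "$pam" || { echo "FAIL: no auth line loading pam_ldap.so in $pam"; rc=1; }
    # host may be a space-separated list, so test each server in turn.
    for h in $hosts; do
        if nc -z -w 3 "$h" "${port:-389}" 2>/dev/null; then
            echo "ok: $h:${port:-389} accepts TCP connections"
        else
            echo "FAIL: cannot connect to $h:${port:-389} (server down, firewall, or wrong port)"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh preflight.sh check   (paths are the ones named in the thread)
if [ "${1:-}" = "check" ]; then
    preflight /usr/local/etc/ldap.conf /etc/pam.d/sshd
fi
```

A passing run only shows that the configuration is present and the port answers; a wrong search base or bind failure still needs the server log or a capture to diagnose.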