PAM/SSH Authentication thru Winbind.

Date: 09/24/02


Date: 24 Sep 2002 09:47:01 -0700

Hello,

I have been working on installing a Samba/Winbind server on my corporate
LAN. I have Samba/Winbind auth working fine. I can use my Windows
Domain Username\Password combo to log in to the server @ Console, Ftp
Server, XDM, and thru SMB. However, I have been attempting to use SSH
with my Windows Domain Username/Password combo; below is what happens
when I connect. When I use a valid Debian user I can connect thru
PuTTY.
Also here is my /etc/pam.d/ssh. You can see the entries that were made
for Winbind. I am not sure where the problem lies; I tend to believe
that it is in the PAM config for SSH. If you have any ideas or
suggestions, or if you need further info to make a suggestion, please let
me know and I will gladly provide it.

When I log in with correct password:

Sep 24 10:16:47 servername PAM_unix[2612]: check pass; user unknown
Sep 24 10:16:47 servername PAM_unix[2612]: authentication failure; (uid=0) -> **unknown** for ssh service
Sep 24 10:16:47 servername pam_winbind[2612]: Verify user `domainname/username''
Sep 24 10:16:47 servername pam_winbind[2612]: user "domainname/username' granted acces
Sep 24 10:16:50 servername sshd[2612]: Failed password for domainname/username from 172.23.20.79 port 1720 ssh2

When I log in with incorrect password:

Sep 24 10:18:38 servername PAM_unix[2612]: check pass; user unknown
Sep 24 10:18:38 servername pam_winbind[2612]: Verify user `domainname/username'
Sep 24 10:18:39 servername pam_winbind[2612]: request failed, PAM error was 4, NT error was NT_STATUS_WRONG_PASSWORD
Sep 24 10:18:39 servername pam_winbind[2612]: internal module error (retval = 4, user = `domainname/username'
Sep 24 10:18:40 servername sshd[2612]: Failed password for domainname/username from 172.23.20.79 port 1720 ssh2
Sep 24 10:18:40 servername PAM_unix[2612]: 1 more authentication failure; (uid=0) -> domainname/username for ssh service

My /etc/pam.d/ssh

#%PAM-1.0
auth required pam_nologin.so
auth required pam_unix.so
auth required pam_env.so # [1]
auth sufficient /lib/security/pam_winbind.so debug
account required pam_unix.so
account sufficient /lib/security/pam_winbind.so debug
session sufficient /lib/security/pam_winbind.so debug
session required pam_unix.so
session optional pam_lastlog.so # [1]
session optional pam_motd.so # [1]
session optional pam_mail.so standard noenv # [1]
session required pam_limits.so

password required pam_unix.so

# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
#
# password required pam_cracklib.so retry=3 minlen=6 difok=3
# password required pam_unix.so use_authtok nullok md5

Thank you so much,

Chad Nelson
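
Added example, not part of the original post: a simplified Python model of how Linux-PAM combines the required, requisite and sufficient control flags, run over the auth lines of the posted /etc/pam.d/ssh with the module results shown in the first log excerpt (pam_unix fails with "user unknown", pam_winbind succeeds). The reordered stack and its `use_first_pass` argument are assumptions added for comparison, not the poster's configuration.

```python
# Simplified model of Linux-PAM control flags (added example, not from the post).
PAM_SUCCESS, PAM_AUTH_ERR = "success", "auth_err"

# auth lines copied from the posted /etc/pam.d/ssh
POSTED_AUTH = """\
auth required pam_nologin.so
auth required pam_unix.so
auth required pam_env.so # [1]
auth sufficient /lib/security/pam_winbind.so debug
"""
# Assumed reordering for comparison: winbind is tried before pam_unix.
REORDERED_AUTH = """\
auth required pam_nologin.so
auth sufficient /lib/security/pam_winbind.so debug
auth required pam_unix.so use_first_pass
auth required pam_env.so
"""

def parse_stack(text, facility="auth"):
    """Return [(control, module_name)] for one facility, ignoring comments."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == facility:
            stack.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return stack

def evaluate(stack, results):
    """results maps module name -> True/False; unlisted modules succeed."""
    required_failed = False
    any_success = False
    for control, module in stack:
        ok = results.get(module, True)
        if control == "requisite" and not ok:
            return PAM_AUTH_ERR            # fail immediately
        if control in ("required", "requisite"):
            any_success = any_success or ok
            required_failed = required_failed or not ok
        elif control == "sufficient" and ok and not required_failed:
            return PAM_SUCCESS             # short-circuit: stack succeeds here
        # A sufficient failure is ignored; a sufficient success after an
        # earlier required failure cannot rescue the stack. Optional modules
        # are ignored in this simplified model.
    return PAM_SUCCESS if any_success and not required_failed else PAM_AUTH_ERR

if __name__ == "__main__":
    domain_user_ok = {"pam_unix.so": False, "pam_winbind.so": True}
    print("posted   :", evaluate(parse_stack(POSTED_AUTH), domain_user_ok))
    print("reordered:", evaluate(parse_stack(REORDERED_AUTH), domain_user_ok))
```

With the posted order, the failed `required pam_unix.so` result is already recorded before `pam_winbind.so` runs, which matches the log sequence of "granted acces" followed by "Failed password".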


