Re: Connection closing on AIX 5.1

From: Doug Summers (dsummers2_at_cox.net)
Date: 01/28/04 

Date: Tue, 27 Jan 2004 15:53:04 -0800

Darren Tucker wrote:
> In article <McARb.5185$fD.1578@fed1read02>,
> Doug Summers <dsummers2@cox.net> wrote:
>
>>Using OpenSSH 3.7.1-p2 from Darren Tucker's page...
>>
>>I have a mixed environment of Solaris 8/9, RedHat Linux 7.3/9.0, and AIX
>>4.3.3/5.1. All are using the version listed above of OpenSSH. I am
>>trying to setup public-key authentication for myself so I can login
>>without a password for scripting. My home directory is NFS-mounted to
>>all systems. All user ID's are supplied by NIS (passwords are locked)
>>and normal (telnet) authentication is done by AFS. On every system
>>(except AIX 5.1) this works.
>>
>>Here is the client-side debug log:
>
> [snip snip]
>
>>Failed to set process credentials
>
>
> That's setpcred() failing.
>
> Is your accounts' "password registry" set to NIS or AFS?
>
> There's something funky going on with setpcred and NIS. (So far the
> reports are for AIX 5.1 ML4 and 5.2 ML2, I would be interested to know
> which ML you have.) I don't know if it's a problem in the NIS module or
> not, but I have opened an OpenSSH bug for this and will probably put a
> workaround for this in:
> http://bugzilla.mindrot.org/show_bug.cgi?id=796
>
> Right now, the only workaround I have is to recompile sshd after
> commenting out "#define HAVE_SETAUTHDB 1" in config.h. This may result
> in successful and failed logins not being recorded to back-end databases
> (eg LDAP).
>
Right now I have it set as "registry = AFS" . I'm only using NIS for
user ID management; AFS is being managed by another site. I guess I
could try "registry = NIS" and let you know what happens. My AIX
environment is as follows:

AIX 4.3.3 w/ML 11 (working).
AIX 5.1 w/ML5 (not working).

Doug

Relevant Pages

  • Re: NIS Problem Suse/AIX (Domains?)
    ... > client on an AIX network with an AIX NIS server. ... I last set up NIS on Linux ...
    (comp.os.linux.networking)
  • Re: centralized user management for AIX-Servers?
    ... what is the best solution available for AIX: ... > The customer running these systems is looking for a cetralized user ... We do have problems itegrating the Linux clients into NIS+ ... with rsync and some scripts to centralise user management. ...
    (comp.unix.aix)
  • Re: NIS & yppasswd
    ... What happens if they just use "passwd" on the clients to change their YP ... Also, Can we assume that if the user goes on the AIX NIS master server, ... Do you have any AIX slaves or clients that you can test the yppasswd on? ...
    (AIX-L)
  • Re: NIS Problem Suse/AIX (Domains?)
    ... The linux PC's NIS and DNS domains are different, ... IP address for the NIS server. ... >> client on an AIX network with an AIX NIS server. ...
    (comp.os.linux.networking)
  • RE: migrating user accounts to Linux
    ... But I'm not a NIS expert by any metric. ... > In AIX, is it possible to migrate the users to a CSV file? ... >> accomplish a migration of user accounts from traditional UNIX to Linux ... >> the NIS client setup since I can do it on computer by computer basis. ...
    (RedHat)