Re: OpenSSH, PAM and Host Based Authentication
From: tubabeat (kevin_at_kevinspicer.co.uk)
Date: 12/21/04
- Previous message: D: "Re: help for a newbie"
- In reply to: Richard E. Silverman: "Re: OpenSSH, PAM and Host Based Authentication"
- Next in thread: Darren Tucker: "Re: OpenSSH, PAM and Host Based Authentication"
- Reply: Darren Tucker: "Re: OpenSSH, PAM and Host Based Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Dec 2004 00:03:51 -0800
I know why PAM is disallowing the login, sorry I should have made that
clear in my post. pam_ldap authenticates the user by doing a bind
against the directory as the user using the password supplied. If it
doesn't have the password (in the hostbased login scenario) it can't
bind, and therefore doesn't authenticate.
My point is why should host-based authentication care about the users
password? If I turn pam off in sshd_config then I can't login as an
ldap user interactively but I can login using host-based
authentication. Surely that is inconsistent, or am I missing a trick
somewhere?
- Previous message: D: "Re: help for a newbie"
- In reply to: Richard E. Silverman: "Re: OpenSSH, PAM and Host Based Authentication"
- Next in thread: Darren Tucker: "Re: OpenSSH, PAM and Host Based Authentication"
- Reply: Darren Tucker: "Re: OpenSSH, PAM and Host Based Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
