Shaun McCullagh
2001-Nov-29 15:51 UTC
OPENssh (2.9p2) and keylogin in NIS+ on Solaris 7 with PAM
Hi, I'm trying to make sshd perform a keylogin on a Solaris 7 NIS+ client with PAM. ssh connects and works fine but keyserv reports that it `can't encrypt the session key'. So I think the keylogin failed or did not happen when the user started an ssh session. The following message is logged in syslog.>sshd[489]: pam_setcred: error Permission denied >sshd[506]: keyserv_client: can't stat 10I've double checked NIS+ is running correctly with telnet. keyserv works ok with this... I compiled OPENssh 2.9p2 (on Solaris 7) with configure --prefix=/usr/local --with-pam \ --with-tcp-wrappers --sysconfdir=/usr/local/etc \ --with-ssl-dir=/usr/local I added this line to /etc/pam.conf: sshd auth required /usr/lib/security/pam_unix.so.1 and set these parameters in sshd_config: PasswordAuthentication no PAMAuthenticationViaKdbInt yes I note that the sshd daemon is using PAM as it reports this when invoked with '-ddd' I'd really grateful for any suggestions/ideas TIA -- Shaun
Seemingly Similar Threads
- Should sshd be fixed to handle NIS+ keylogin
- [Bug 738] OpenSSH 3.7.1p2 Password Authentication Failure Through NIS+ on Non-Master Server
- [Bug 1339] New: pam_dhkeys doesn't work ( PAM_REINITIALIZE_CRED without PAM_ESTABLISH_CRED)
- 3.7.1p2: HP-UX 11.00 & NIS+ problems
- NIS+ support in samba-2.0.5a
Wisdom of the Ancients
