problems with openssh-1.2.2 and pam_tacplus.so
Damien Miller
djm at mindrot.org
Thu Feb 3 12:27:15 EST 2000
On Wed, 2 Feb 2000, Dominik Brettnacher wrote:
> Hello,
>
> I have the following problem: I have installed openssh-1.2.2 on FreeBSD
> 3.4-RELEASE. I intentionally did not took the FreeBSD port because it does
> not support PAM. My aim is to make sshd authenticate against a TACACS+
> server using the pam_tacplus.so module shipped with FreeBSD. That works
> perfectly with this line in my /etc/pam.conf:
>
> login auth sufficient pam_tacplus.so
>
>
> Accordingly, I set up pam.conf like this to make sshd do the same:
>
> sshd auth required pam_tacplus.so
Is this you full PAM file for sshd? It looks like there are account
and session entries missing.
> PAM rejected by account configuration: Permission denied
What 'account' entries do you have for sshd? If there are none it
may be defaulting to deny.
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
More information about the openssh-unix-dev
mailing list