ssh + ldap issues
Lev Lvovsky
lev at sonous.com
Tue Feb 24 08:35:12 EST 2004
replying to my own post - please disregard the initial request - there
were two packages providing pam_ldap.so, installing only the correct
one fixed the problem
thanks,
-lev
On Feb 23, 2004, at 10:36 AM, Lev Lvovsky wrote:
> In an effort to install cfengine (which requires 0.96b + of ssl),
> we've had to recompile all sorts of related packages on our RedHat 6.2
> boxes. In addition, we're trying to implement an LDAP directory.
> Basically the source RPMS for RedHat 7.3 were installed and compiled
> on a 6.2 box to get this all to work.
>
> We're running into the following problem on the 6.2 boxes after having
> compiled/installed openssh-3.7.1p2 with the spec file in the contrib
> directory. Upon attempting to use an LDAP username with ssh, ssh, we
> get the following output in the logfile:
>
> ------
> Feb 23 18:32:36 tsthvy1-did1 modprobe: modprobe: Can't locate module
> net-pf-10
> Feb 23 18:32:40 tsthvy1-did1 sshd: PAM unable to
> dlopen(/lib/security/pam_ldap.so)
> Feb 23 18:32:40 tsthvy1-did1 sshd: PAM [dlerror:
> /lib/security/pam_ldap.so: symbol gethostbyname_r, version GLIBC_2.1.2
> not defined in file libc.so.6 with link time reference]
> Feb 23 18:32:40 tsthvy1-did1 sshd: PAM adding faulty module:
> /lib/security/pam_ldap.so
> Feb 23 18:32:42 tsthvy1-did1 sshd(pam_unix)[17825]: check pass; user
> unknown
> Feb 23 18:32:42 tsthvy1-did1 sshd(pam_unix)[17825]: authentication
> failure; logname=root uid=0 euid=0 tty=ssh ruser= rhost=login-server
> ------
>
> The above-referenced file pam_ldap.so does exist. All other LDAP
> related applications (su, ldapsearch, etc...) work, and are able to
> authenticate the user.
>
> Not sure if any more info is necessary to diagnose the problem, but
> any help would be appreciated.
>
> thanks,
> -lev
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list