Solaris + PAM/LDAP + pubkey failing?
Eli Klein
elijah at aclue.com
Wed Nov 10 16:33:51 EST 2004
On Wed, Nov 10, 2004 at 12:21:38PM +1100, Darren Tucker wrote:
> Eli Klein wrote:
> >I've got a Solaris 8 and 9 box using LDAP to successfully authenticate
> >users.
> >I can get logged in via ssh using keyboard interactive (via PAM/LDAP).
> >When I try to use pubkey authentication, both the pubkey as well as the
> >fallback to
> >keyboard interactive always fail. I've tried openssh versions as early as
> >3.4 and as new as the 11-06 snapshot with the same behavior. Everything
> >works fine on a linux machine which is configured to use PAM/LDAP and has
> >openssh 3.9p1 installed. Logs follow.
>
> Which OpenSSH version are those logs from? What do the sshd parts of
3.9p1
> /etc/pam.conf look like? Do you have ldap listed in the passwd part of
i've tried a separate entry for sshd:
sshd auth sufficient pam_unix_auth.so.1 server_policy
sshd auth required pam_ldap.so.1
and just grouping it under "other":
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth binding pam_unix_auth.so.1 server_policy
other auth required pam_ldap.so.1
got the same result under both..
> /etc/nsswitch.conf (I suspect you do, but it's worth checking).
yes ;) ldap login works fine when i'm NOT using a public key..
Thanks!
-Eli
More information about the openssh-unix-dev
mailing list