Bad Password - #010#012#015#177INCORRECT : ssh -> pam -> libpam_sqlite -> sqlite3
Sangeeth Saravanaraj
sangeeth.saravanaraj at gmail.com
Thu Mar 6 09:01:25 EST 2014
On Thu, Mar 6, 2014 at 12:36 AM, Seth Ellsworth <
Seth.Ellsworth at software.dell.com> wrote:
> A user consists of two parts: Identity and Authentication.
>
> /etc/passwd is Identity. The user's uid, home directory, etc.
> /etc/shadow is Authentication. Their password (hashed).
>
> PAM is Pluggable Authentication Module.
> It only handles Authentication.
>
> The user still has to have an Identity at the NSS layer.
> ( NSS == Name Service Switch )
>
> ssh -> nss -> nsswitch.conf -> sqlite3
> Is there an nss module also configured for sqlite3?
>
Hi Seth,
Thanks for your comments! It really helped.
I configured libnss-sqlite module to work with the sqlite3 database which
contains user information. Also, I updated passwd, shadow and group config
in /etc/nsswitch.conf to work with sqlite.
With this setting, I was able to ssh to the Linux machine where all user
information is stored in an Sqlite3 database.
Thank you,
Sangeeth
>
> Seth Ellsworth
>
>
> -----Original Message-----
> From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+seth.ellsworth=
> quest.com at mindrot.org] On Behalf Of Karl O. Pinc
> Sent: Wednesday, March 05, 2014 12:01 PM
> To: Sangeeth Saravanaraj
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: Bad Password - #010#012#015#177INCORRECT : ssh -> pam ->
> libpam_sqlite -> sqlite3
>
> On 03/05/2014 12:46:18 PM, Sangeeth Saravanaraj wrote:
> > I want to configure secure shell access to a Linux machine where
> > allowed
> > users are stored in an sqlite3 database and not in the /etc/passwd,
> > /etc/shadow and /etc/group. I use PAM for user authentication.
>
> I can't speak to the internals but have you set
> UsePAM Yes in sshd_config?
>
>
>
> Karl <kop at meme.com>
> Free Software: "You don't pay back, you pay forward."
> -- Robert A. Heinlein
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list