Need information to bypass the preauth in openssh
Douglas E Engert
deengert at gmail.com
Thu Jan 26 00:23:54 AEDT 2017
On 1/25/2017 12:58 AM, Vishwanath KC wrote:
> Hi,
>
> Unfortunately we are not using NSS and LDAP. We are using only Tacacs
> server.
> The authentication needs to be done only via password.
> So please let me know how i can proceed on this.
The NSS people are referring to is not the Mozilla NSS, but the linux nssswitch
functionality.
Googling for combinations of: TACCS+ SSH NSS PAM indicates others over the
years have asked similar questions with mixed results.
Thee might be helpful:
https://github.com/jeroennijhof/pam_tacplus/
https://github.com/benschumacher/nss_tacplus
http://ftp.thinklogical.com/ftp/SCS/doc/pam_tacacs/nss-tacplus-HOWTO
https://docs.cumulusnetworks.com/display/DOCS/TACACS+Plus
>
> Regards,
> Vishwanath KC
> +918892599848.
>
> On Tue, Jan 24, 2017 at 12:26 PM, Alex Bligh <alex at alex.org.uk> wrote:
>
>>
>>> On 24 Jan 2017, at 06:53, Alex Bligh <alex at alex.org.uk> wrote:
>>>
>>> From memory, last time I got this working, we used NSS LDAP and
>>> PAM LDAP, and got public keys over LDAP too. It required some
>>> fiddling.
>>
>> With apologies for the quick followup, I think what we did was
>> roughly this:
>>
>> https://shellpower.wordpress.com/2015/05/26/ssh-public-key-
>> authentication-with-ldap-on-ubuntu/
>>
>> --
>> Alex Bligh
>>
>>
>>
>>
>>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
--
Douglas E. Engert <DEEngert at gmail.com>
More information about the openssh-unix-dev
mailing list