ssh daemon fails to call pam when user does not exist in /etc/passwd
Darren Tucker
dtucker at zip.com.au
Mon Jul 5 16:48:31 EST 2004
Damien Mascord wrote:
> I am attempting to use a new NSS method for logins (libnss-mysql), and
> have come across this behaviour as well.
[...]
> It seems as though the account is thought of as expired:
>
> debug3: mm_answer_pwnamallow
> debug3: auth_shadow_acctexpired: today 12604 sp_expire 0 days left -12604
That check only happens if PAM is disabled (just checked the 3.8.1p1
code, it's auth.c line 91 or so). Do you have "UsePAM yes" in your
sshd_config?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list