Help with SSH V4.2p1 and netgroups in password file - OSF/1

Darren Tucker dtucker at zip.com.au
Wed Oct 19 23:26:15 EST 2005


Mr.Mike Cross wrote:
> I'm using either V3.2 or V4.2p1 depending on the system.

I don't think there was an OpenSSH 3.2 release (there was 3.2.2p1 and 
3.2.3p1).

> Server - OSF/1 V5.1 latest patch kit.
> 
> If the system has all the accounts in the password file - ssh lets
> the  users login.
> 
> If the system has "+" at the end of the passwd file, users in the
> local password file or in NIS can login
> 
> if I change the /etc/svc.conf to have "passwd=local" and add
> + at users:x::::: to the passwd file, the users who are local to the passwd
> file can login, but the users in the netgroup fail to login, just
> getting access failed and re-prompted for their password.

OpenSSH's sshd will check that the user has a valid passwd entry (as 
returned by getpwnam).  You need to tell /etc/svc.conf (or whatever the 
equivalent to /etc/nsswitch.conf is) to look in NIS too.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.




More information about the openssh-unix-dev mailing list