Nigel Wade <nmw@xxxxxxxxxxxx> wrote:
> fkroeger@xxxxxxxxxxxx wrote:
>> Anyone had problems trying to connect via ssh to FC2 server setup for
>> ldap & pam?
>>
>> When I ssh to FC2 it prompts for my password. I enter the password setup
>> on the ldap server (different server) - It responds with "Access denied"
>> and prompts for my password again. I enter it a second time & it starts
>> up my ssh session. This indicates that it is authenticating OK to the
>> ldap server - but always on the second try. When I enter my local
>> password at the first prompt it lets me in. So it appears that the first
>> prompt is looking up the local password and the second try it is looking
>> up the ldap entry.
>>
>> The pam.d/sshd file looks OK - it is referencing the system-auth file
>> which is generated from the authconfig command. I have tried swapping
>> around the order of files & ldap in the nsswitch.conf file but to no
>> avail.
>>
>> Any ideas?
>>
>> Regards...
>> Fred Kroeger
>>
>
> It could be that PAM isn't passing the password from the initial login
> attempt to LDAP.
>
> What does the line for pam_ldap.so look like in system-auth?
>
> These are the relevant lines from my (working) FC1 system:
>
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
> auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
>
> where use_first_pass tells PAM to use the password which was entered for
> pam_unix, rather than prompting for another one.

I have a similar problem, but when I ssh to FC2, the password is never
accepted. I note that 'su' doesn't work either. The user is accepted but the
password isn't. I set my system-auth like Nigel Wade suggested, but the
password wasn't accepted.

Any other ideas?

Thanks,
Bruno Stella
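
A check for the condition Nigel's reply asks about, as an added example that is not part of the original thread: it parses the `auth` lines of a `system-auth` style file and reports any password module after the first that lacks `use_first_pass` or `try_first_pass`. The function names, the set of modules treated as password collectors, and the second sample stack are assumptions made for this sketch.

```python
# Added example: flags PAM auth modules that would ask for a second password.
REUSE_OPTS = {"use_first_pass", "try_first_pass"}
# Assumption: only these two modules are treated as password collectors here.
PASSWORD_MODULES = {"pam_unix.so", "pam_ldap.so"}

# The two lines quoted in the thread (working FC1 system).
WORKING = """\
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
"""
# Constructed variant: the same stack with use_first_pass left off pam_ldap.
MISSING = """\
# constructed sample, not from the thread
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so
"""

def parse_auth_stack(text):
    """Return (control, module_basename, options) for every 'auth' line."""
    stack = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 3 or fields[0] != "auth":
            continue
        i = 1
        if fields[1].startswith("["):           # bracketed control, e.g. [success=1 default=ignore]
            while i < len(fields) and not fields[i].endswith("]"):
                i += 1
        rest = fields[i + 1:]
        if not rest:
            continue
        control = " ".join(fields[1:i + 1])
        stack.append((control, rest[0].rsplit("/", 1)[-1], set(rest[1:])))
    return stack

def reprompting_modules(text):
    """Password modules after the first that do not reuse the stored password."""
    findings, seen = [], False
    for _control, module, opts in parse_auth_stack(text):
        if module not in PASSWORD_MODULES:
            continue
        if seen and not (opts & REUSE_OPTS):
            findings.append(module)
        seen = True
    return findings

if __name__ == "__main__":
    for name, cfg in (("working", WORKING), ("missing", MISSING)):
        print(name, reprompting_modules(cfg) or "no second prompt expected")
```
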