01-23-2013
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have suse (SLES 9) machine,I would like to know how to creat a PAM
configure file for ldap authentication and loading it using a "config"
argument to pam_ldap.so
Thanks for your help (0 Replies)
Discussion started by: hassan1
0 Replies
2. UNIX for Dummies Questions & Answers
Hi.
i am on solaris. I have changed pam configuration. Do i need to let pam re-read its configuration again? If so, how can i do it?
ps -ef | grep -i pam, returns no hits.
Rgds (0 Replies)
Discussion started by: yls177
0 Replies
3. AIX
I just installed SSH on an AIX machine:
> lslpp -l openssh.base.server
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
openssh.base.server 4.1.0.5301 COMMITTED Open... (1 Reply)
Discussion started by: outtacontrol
1 Replies
4. Red Hat
Hi,
I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS.
The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies
5. Red Hat
The OS is CenOS.
The sshds is started, but ssh/sftp/psftp are not working with "time out" errors.
# service sshd status
openssh-daemon (pid 2894) is running...
# tail /var/log/secure
Feb 16 10:56:47 cenos userhelper: pam_timestamp(system-config-securitylevel:session): updated... (3 Replies)
Discussion started by: aixlover
3 Replies
6. Solaris
Hi,
I´m trying to make Solaris authenticate users in AD. NTP is working, nsswitch.ldap is listed above, DNS is Ok and I made something different in pam.conf, krb5.conf and sshd_config (see above)
nsswitch.ldap:
passwd: files ldap
group: files ldap
hosts: files dns
ipnodes: ... (0 Replies)
Discussion started by: mpcavalcanti
0 Replies
7. Emergency UNIX and Linux Support
look at this, as root user change passwd and su -:
I cannot ssh in or rlogin either, (3 Replies)
Discussion started by: bigearsbilly
3 Replies
8. Solaris
Hi
I wanted to convert my pam libraries to 64 bit. so recently compiled my pam_banner and pam_wheel to 64 bit.
I got the following error...
sshd: dlsym failed pam_sm_authenticate:error ld.so.1 : sshd fatal: pam_sm_authenticate: can't find symbol
thnaks (8 Replies)
Discussion started by: chinchao
8 Replies
9. AIX
As I do a ssh <nis_user>@server1 from server2, ssh prompts for certificates (as expected the first time), then it prompts for the users password, as soon as I enter the password, I get a Connection to server1 closed by remote host, and connection to server1 closed. and I disconnect back to the... (3 Replies)
Discussion started by: mrmurdock
3 Replies
10. UNIX for Advanced & Expert Users
I've got a problem with a proxy configuration. We have an LDAP group that lists all users who are authorised to use the proxy to FTP (usually Filezilla) out to the world, and by implication those not in the group should be denied. My users are delighted that this has been enabled and those that... (9 Replies)
Discussion started by: rbatte1
9 Replies
LEARN ABOUT OPENSOLARIS
pam_deny
pam_deny(5) Standards, Environments, and Macros pam_deny(5)
NAME
pam_deny - PAM authentication, account, session and password management PAM module to deny operations
SYNOPSIS
pam_deny.so.1
DESCRIPTION
The pam_deny module implements all the PAM service module functions and returns the module type default failure return code for all calls.
The following options are interpreted:
debug syslog(3C) debugging information at the LOG_AUTH|LOG_DEBUG levels
ERRORS
The following error codes are returned:
PAM_ACCT_EXPIRED If pam_sm_acct_mgmt is called.
PAM_AUTH_ERR If pam_sm_authenticate is called.
PAM_AUTHOK_ERR If pam_sm_chauthtok is called.
PAM_CRED_ERR If pam_sm_setcred is called.
PAM_SESSION_ERR If pam_sm_open_session or pam_sm_close_session is called.
EXAMPLES
Example 1 Disallowing ssh none authentication
sshd-none auth requisite pam_deny.so.1
sshd-none account requisite pam_deny.so.1
sshd-none session requisite pam_deny.so.1
sshd-none password requisite pam_deny.so.1
Example 2 Disallowing any service not explicitly defined
other auth requisite pam_deny.so.1
other account requisite pam_deny.so.1
other session requisite pam_deny.so.1
other password requisite pam_deny.so.1
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
su(1M), libpam(3LIB), pam(3PAM), pam_sm_authenticate(3PAM), syslog(3C), pam.conf(4), nsswitch.conf(4), attributes(5), pam_authtok_check(5),
pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5),
privileges(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
The pam_deny module is intended to deny access to a specified service. The other service name may be used to deny access to services not
explicitly specified.
SunOS 5.11 16 Jun 2005 pam_deny(5)