Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Ssh authentication using 389 Directory server
Operating Systems Linux Ssh authentication using 389 Directory server Post 302810571 by shri_22ram on Wednesday 22nd of May 2013 05:51:05 AM
Old 05-22-2013
Ssh authentication using 389 Directory server
I am trying LDAP authentication for users logged in CentOS by PAM. Also I have disabled(off) nsslapd-anonymous-access flag to restrict anonymous access by providing the binddn and bindpw.
I have changed binddn and bindpw in /etc/ldap.conf for PAM to bind with LDAP to authenticate user.
ie) When a user is trying to ssh pam will be communicated to bind with LDAP by reading /etc/ldap.conf to bind with LDAP to authenticate the corresponding user.
User authentication is not working every time. ie)some time the user is authenticated and sometimes the user is not authenticated.
i have verified the tools 389 FDS, nscd ,ssd, are properly running in CentOS.
I have tried by doing ldapsearch for the corresponding user. The result shows the user properly.

Thanks
Shriram.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SSH key authentication

Hi all, I have got a Solaris machine and I have several user account setup up with the .ssh and authorized_keys file in their home directories. I have check all the permission and ownership and they are all indentical and belongs to the user ID and group respectively. However one of the... (3 Replies)
Discussion started by: stancwong
3 Replies

2. AIX

Passwordless authentication via SSH

I am trying to implement passwordless authentication via ssh2. I have used the well documented technique of generating a key pair with a blank passphrase on my client machine, and installing the public key on the destination server (AIX 5.3) in the user's .ssh2 directory. I have used this technique... (1 Reply)
Discussion started by: RegX
1 Replies

3. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

4. Red Hat

Can not connect to 389-ds via 389-console

Hi guys, I have installed 389-ds on a fedora 15 test machine. both dirsrv and dirsrv-admin is running. Also both ns-slapd and httpd.worker is running. here is netstat -antp result: tcp 0 0 0.0.0.0:9830 0.0.0.0:* LISTEN 868/httpd.worker tcp 0 0 :::389 :::* ... (4 Replies)
Discussion started by: majid.merkava
4 Replies

5. Red Hat

microsoft Server 2008 Active authentication to a linux server

Hi, Please could someone advise I'm trying to use winscp from a Window server 2008 R2, but i need to add the authentication key to access the linux rh 5.4 servers ? What is the best way of approaching this ? If there are any web links that could help me do this, that would be good. ... (1 Reply)
Discussion started by: venhart
1 Replies

6. Solaris

solaris samba configuration without wins service from authentication window server/Active directory

Hi All, We are using solaris samba server for our company project to provide access to code to our development team.Recently our ICT has disabled wins service on Active directory due which user are not able to connect to samba share and they are getting error "No logon server available" as samba... (2 Replies)
Discussion started by: sahil_shine
2 Replies

7. UNIX for Dummies Questions & Answers

Connect via ssh using active directory authentication

I want to connect via SSH that will authenticate via active directory (domain controller). For example my network login in my workstation is user123/123user under a domain. I wanted to use this details to login via ssh. In this way I don't have to add and create username everytime in the server... (1 Reply)
Discussion started by: lhareigh890
1 Replies

8. Linux

How to connect Linux server (configure two way authentication) with Windows server?

Hi my name is Manju. ->I have configure the two way authentication on my linux server. ->Now I am able to apply two way authenticator on particuler user. ->Now I want to map this linux server to my AD server. ->Kindly tell me how to map AD(Active Directory) with this linux server. ... (0 Replies)
Discussion started by: manjusharma128
0 Replies

9. Shell Programming and Scripting

How to run commands on remote server using ssh password less authentication?

Hi, I need to run a script located in a directory on remote server by using ssh authentication from my local unix server. Can anyone help me in this. I have tried the below command. It worked for echo command but when i tried to open a file using cat command it is showing "cat: cannot open... (6 Replies)
Discussion started by: ssk250
6 Replies

LEARN ABOUT MINIX

pam_ldap

pam_ldap(8)						      System Manager's Manual						       pam_ldap(8)

NAME

       pam_ldap - PAM module for LDAP-based authentication

SYNOPSIS

       pam_ldap.so [...]

DESCRIPTION

       This is a PAM module that uses an LDAP server to verify user access rights and credentials.

OPTIONS

       use_first_pass
	      Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
	      word.

       try_first_pass
	      Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt  the  user
	      for a password.

       nullok Specifying this option allows users to log in with a blank password.  Normally logins without a password are denied.

       ignore_unknown_user
	      Specifies  that  the  PAM module should return PAM_IGNORE for users that are not present in the LDAP directory.  This causes the PAM
	      framework to ignore this module.

       ignore_authinfo_unavail
	      Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server.  This causes the PAM framework  to  ig-
	      nore this module.

       no_warn
	      Specifies that warning messages should not be propagated to the PAM application.

       use_authtok
	      This  causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
	      a new password (it is analogous to use_first_pass).

       debug  This option causes the PAM module to log debugging information to syslog(3).

       minimum_uid=UID
	      This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be  used	to  bypass
	      LDAP checks for system users (e.g. by setting it to 1000).

MODULE SERVICES PROVIDED

       All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.

FILES

       /etc/pam.conf
	      the main PAM configuration file

       /etc/nslcd.conf
	      The configuration file for the nslcd daemon (see nslcd.conf(5))

SEE ALSO

       pam.conf(5), nslcd(8), nslcd.conf(5)

AUTHOR

       This manual was written by Arthur de Jong <arthur@arthurdejong.org>.

Version 0.8.10							     Jun 2012							       pam_ldap(8)
All times are GMT -4. The time now is 01:27 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy