10-01-2015
Are you using sssd? How are you connecting to the servers, ssh? Does LDAP authentication work on any client machine? Do all users fail or some? Have you checked /var/log/secure on the failing machine? If so paste the relevant entries of the logs. Do you have logging enabled on the LDAP server?
Last edited by frank_rizzo; 10-01-2015 at 06:09 PM..
Reason: add questions
9 More Discussions You Might Find Interesting
1. AIX
I'm having this issue on one of my AIX box, whenever I try to do scp it asks for user, domain and password and just errors out, scp works fine on other AIX servers.
I already checked the permissions of .sshd and its files, stopped and restarted sshd subsystem.
Also it never asks for user, domain... (5 Replies)
Discussion started by: barkath
5 Replies
2. Red Hat
removing the post (6 Replies)
Discussion started by: titanic4u
6 Replies
3. Red Hat
Hi,
I have installed Nagios on Redhat 5 using rpms, it was successully installed and I have started the nagios and httpd service.
While login on browser, using nagios userid and password, I am unable to login
I have installed nagios and nagios-plugin rpms both.
I have used the command... (0 Replies)
Discussion started by: manoj.solaris
0 Replies
4. Red Hat
Hi All,
Could anyone please help to resolve the below problem.
I installed RHEL5.5 in my desktop.But when i try to activate the ethernet connection then it gives me the error.
I spent 2 days for the above and go through with several suggestion found by googling. But no luck.
... (0 Replies)
Discussion started by: Tanmoy
0 Replies
5. Red Hat
Hi All,
We connected 2 new tape drives to the servers. I am not able to see both HP tape drives in OS level. I am using RHEL 6.2 OS.
I have scanned and rebooted the server but still can't able to find the drives.
Thanks in advance..!!!!
---------- Post updated 10-22-13 at 05:07 PM... (1 Reply)
Discussion started by: Navkreddy
1 Replies
6. UNIX for Dummies Questions & Answers
Hello Friends,
I am trying to install ASE 15.7 on RHEL 5 through VMWARE.
I added the user sybase, group sybase and followed the initial checks
However while trying to run the "./setup" file from the sybase user account, I get the below error:
-bash : ./setup Permission Denied
I have created... (3 Replies)
Discussion started by: vinay_poojary83
3 Replies
7. UNIX for Dummies Questions & Answers
I worked all night on creating an RHEL 7 template customized for our private cloud and almost had it ready. While doing the final part, enabling GDM, I made the blunder of disabling SELINUX. Now I am not able to re-enable or put into permissive mode again. Earlier, when this happened on RHEL 6... (3 Replies)
Discussion started by: satish51392111
3 Replies
8. Red Hat
Hello all, I am having a bit of an issue on my Spacewalk installation. Some amplifying information is that it is Spacewalk 2.3 installed on a RHEL 6 machine and I am attempting to install/update a RHEL 5 channel/repository. I am fairly new to Spacewalk so I am still learning but this is what I... (3 Replies)
Discussion started by: jstone4646
3 Replies
9. AIX
Hi folks,
How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL?
It works like a charm without TLS/SSL.
i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
Discussion started by: paco699
6 Replies
LEARN ABOUT OPENDARWIN
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)