dang, had totally forgotten about auth.log. Thanks
did a quick look through google and nothing in /etc/group and no local user account for nis_user. There was a mention of a getpwid patch but if it was OS, then why does my other 3 AIX boxes work without issue. Same nis server for all 5 boxes.
---------- Post updated at 03:47 PM ---------- Previous update was at 02:52 PM ----------
Fixed the problem.
The issue is there is a bug in openssh where if there is a /etc/group --> GID_NAME and if the LDAP or NIS user has a same GID_NAME, but different value you will get this inability to login via ssh.
the corrective action is to make the /etc/group --> GID_NAME value the same as the naming service value, or delete the local GID_NAME.
Moderator's Comments:
Please use CODE tags as required by forum rules!
Last edited by RudiC; 09-21-2016 at 07:03 AM..
Reason: Added CODE tags.
HI,
We are facing a problem while trying to login using ssh.
The user is able to login using telnet.
We are able to login as another user using ssh and then su to that user which is successfull.
What should i be checking for the user to be able to login directly using ssh.
Thanks in... (2 Replies)
I want to login to server using ssh or telnet and execute one command then exit to the shell
Please let me know how to write script for this? (1 Reply)
1)
ssh a@b
echo $USER it display the correct value as a (even though i have not defined it in .profile)
2)
remsh b -l a
echo $USER it does not display the value as a (variable is not set
any idea why $USER variable is not initialized when i login via remsh or rlogin but shows the... (10 Replies)
Hey guys,
I have some task from my office to lock user on the specified directory after the user logged on using ssh. And then run prompt program to fill the required information. Yeah, just like an ATM system.
My question:
How could I do those?? AFAIK I have to edit the ~./bashrc. But the... (1 Reply)
Hi,
I want to suppress ssh login logs of a particular user to get logged in /var/adm/syslog/syslog.log
As am using a user to monitor a server over ssh in 5 miute interval..and that creating un-necessary logs in my syslog.log file .. Please help me if there any way I can suppress this logs only... (6 Replies)
This is a weird problem. Following is my code.
/opt/quest/bin/vastool configure pam sshd
/opt/quest/bin/vastool configure pam ssh
cat /etc/pam.conf | \
awk '$1=="ssh"||$1=="sshd"||$1=="emagent"{sub("prohibit","aix",$NF);}1' OFS='\t' > /etc/pam.conf
cat /etc/ssh/sshd_config | \
sed -e... (2 Replies)
I have been asked to see if we can restrict SFTP access to authorised users only. There will be business users who will log on with SSH, but they are locked into a menu. They will have write access to the production data to do their job, but we don't want them to have access to read/write the... (8 Replies)
HI Community.
I was trying to create ssh password less authentication for one user called night and it's not working for me.
These are the steps I followed:-
I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.... (4 Replies)
Hello Gurus,
I want One user to su to another without allowing root access and password.
I want to run a specific command as below from user am663:
---------------------------------------------------------
sudo -u appsprj4 /home/appsrj4/scripts/start_apache.sh
-------------------
But... (6 Replies)
I have a user account configuration with ssh public/private key that works on multiple servers centos and rhel. One server (Server F) that is not working in centos 6.8. When i ssh into server f I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
8 Replies
LEARN ABOUT OPENSOLARIS
pam_allow
pam_allow(5) Standards, Environments, and Macros pam_allow(5)NAME
pam_allow - PAM authentication, account, session and password management PAM module to allow operations
SYNOPSIS
pam_allow.so.1
DESCRIPTION
The pam_allow module implements all the PAM service module functions and returns PAM_SUCCESS for all calls. Opposite functionality is
available in the pam_deny(5) module.
Proper Solaris authentication operation requires pam_unix_cred(5) be stacked above pam_allow.
The following options are interpreted:
debug Provides syslog(3C) debugging information at the LOG_AUTH | LOG_DEBUG level.
ERRORS
PAM_SUCCESS is always returned.
EXAMPLES
Example 1 Allowing ssh none
The following example is a pam.conf fragment that illustrates a sample for allowing ssh none authentication:
sshd-none auth required pam_unix_cred.so.1
sshd-none auth sufficient pam_allow.so.1
sshd-none account sufficient pam_allow.so.1
sshd-none session sufficient pam_allow.so.1
sshd-none password sufficient pam_allow.so.1
Example 2 Allowing Kiosk Automatic Login Service
The following is example is a pam.conf fragment that illustrates a sample for allowing gdm kiosk auto login:
gdm-autologin auth required pam_unix_cred.so.1
gdm-autologin auth sufficient pam_allow.so.1
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Stable |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO libpam(3LIB), pam(3PAM), pam_sm(3PAM), syslog(3C), pam.conf(4), attributes(5), pam_deny(5), pam_unix_cred(5)NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
This module is intended to be used to either allow access to specific services names, or to all service names not specified (by specifying
it as the default service stack).
SunOS 5.11 25 Aug 2005 pam_allow(5)