OpenSSH and PAM

Hello!

Im trying to auth myself over ssh via PAM against an OpenLDAP server! I have added myself in the ldapserver, started up the ldap_cachemgr on my solaris 10 machine and it find my user with getent passwd. Next i have added to my pam.conf the following lines

sshd    auth requisite          pam_authtok_get.so.1
sshd    auth required           pam_dhkeys.so.1
sshd    auth sufficient         pam_unix_auth.so.1
sshd    auth required           pam_ldap.so.1 try_first_pass

I run OpenSSH3.9 compiled with --with-pam=yes flag. My sshd_conf contains the line UsePam=Yes. I turn on debug-mode 1 and tries to ssh in to the server. This is what I get from sshd.log (somewhat stripped)

debug1: PAM: initializing for "test"
PAM: setting PAM_RHOST to "clienthost"
PAM: setting PAM_TTY to "ssh"
Failed none for test from clientip port 50784 ssh2
PAM: num PAM env strin gs 0
Accepted keyboard-interactive/pam for linus from clientip port 50784 ssh2
monitor_child_preauth:  test has been authenticated by privileged process
debug1: PAM: reinitializing credentials
[ID 800047 local6.crit]fatal: PAM: pam_setcred(): Failure setting user credentials

So it do authenticate me, but it dies on the pam_setcred().

Go any idea why? How to fix?

Regards
Linus

mannieAsked:
Who is Participating?
 
yuzhCommented:
Please have a look at the following doc and fix it:

http://sunportal.sunmanagers.org/pipermail/summaries/2003-September/004371.html
0
 
yuzhCommented:
You can also download openssh binary package from:
    http://sunfreeware.com/
The binary with PAM support, make sure that you install all the dependencies packages,
read the details on the download page.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.