TLS Issue

Hi

I've enabled TLS and am getting the error messages below in the /var/log/secure file on Fedora 9, which is my newly configured FDS. If I disable TLS, I am able to ssh onto the FDS server; with TLS enabled, I am unable to log in via ssh.

sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[5487]: Invalid user test3 from 192.168.1.1
sshd[5488]: input_userauth_request: invalid user test3
sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[5487]: pam_unix(sshd:auth): check pass; user unknown
sshd[5487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1                        
sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[5487]: pam_succeed_if(sshd:auth): error retrieving information about user test3
sshd[5487]: Failed password for invalid user test3 from 192.168.1.1 port 38489 ssh2


The /etc/ldap.conf file on Fedora 9 (FDS server) shows as:
base dc=true,dc=co,dc=uk
timelimit 30
bind_timelimit 30
bind_policy soft
nss_reconnect_tries 2
idle_timelimit 3600
pam_filter objectclass=posixAccount
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm,polkituser
ssl start_tls
tls_checkpeer yes
tls_cacertfile  /etc/openldap/cacerts/cacert.asc
pam_password md5
uri ldap://127.0.0.1/
tls_cacertdir /etc/openldap/cacerts


# authconfig --test 
caching is disabled
nss_files is always enabled
nss_compat is disabled
nss_db is disabled
nss_hesiod is disabled
 hesiod LHS = ""
 hesiod RHS = ""
nss_ldap is enabled
 LDAP+TLS is enabled
 LDAP server = "ldap://127.0.0.1/";
 LDAP base DN = "dc=true,dc=co,dc=uk"
"""" """"""
pam_ldap is enabled
 LDAP+TLS is enabled
 LDAP server = "ldap://127.0.0.1/";
 LDAP base DN = "dc=true,dc=co,dc=uk"
"" """  """   "" 
pam_cracklib is enabled (try_first_pass retry=3)
pam_passwdqc is disabled ()
pam_access is disabled ()
pam_mkhomedir is disabled ()
Always authorize local users is disabled ()
Authenticate system accounts against network services is disabled


Please advise on how to resolve this, so that I am able to ssh onto the FDS server running TLS.  I've already run the setupssl2.sh script from

Thanks in advance..

Regards
Dharmin
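
A log-triage sketch for the /var/log/secure excerpt in the message above, added here as an example and not part of the original post: it separates sshd "Invalid user" events logged by a process that also reported nss_ldap as unavailable from ones with no directory error logged. The function name, the cause labels and the pid 6001 session are assumptions constructed for illustration.

```python
import re

# The sshd[5487]/[5488] lines are a subset of the excerpt quoted in the message;
# the sshd[6001] session is constructed as a contrast case (no directory error).
SAMPLE = """\
sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[5487]: Invalid user test3 from 192.168.1.1
sshd[5488]: input_userauth_request: invalid user test3
sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
sshd[5487]: pam_unix(sshd:auth): check pass; user unknown
sshd[5487]: Failed password for invalid user test3 from 192.168.1.1 port 38489 ssh2
sshd[6001]: Invalid user nosuch from 192.0.2.10
sshd[6001]: Failed password for invalid user nosuch from 192.0.2.10 port 40000 ssh2
"""

LINE = re.compile(r"sshd\[(?P<pid>\d+)\]: (?P<msg>.*)")
LDAP_DOWN = re.compile(r"nss_ldap: could not search LDAP server - Server is unavailable")
# Anchored at the start of the message so each connection yields one event;
# the "input_userauth_request" and "Failed password" echoes are not counted.
INVALID = re.compile(r"Invalid user (?P<user>\S+) from (?P<rhost>\S+)")


def classify_invalid_users(log_text):
    """Label each 'Invalid user' event by whether its sshd pid also logged
    an nss_ldap 'Server is unavailable' error anywhere in the log."""
    ldap_down_pids = set()
    events = []  # (pid, user, rhost) in log order
    for raw in log_text.splitlines():
        m = LINE.search(raw)  # search() tolerates a syslog timestamp/host prefix
        if not m:
            continue
        pid, msg = m.group("pid"), m.group("msg")
        if LDAP_DOWN.search(msg):
            ldap_down_pids.add(pid)
            continue
        hit = INVALID.match(msg)
        if hit:
            events.append((pid, hit.group("user"), hit.group("rhost")))
    return [
        {"pid": pid, "user": user, "rhost": rhost,
         "cause": "directory-unavailable" if pid in ldap_down_pids else "unknown-user"}
        for pid, user, rhost in events
    ]


if __name__ == "__main__":
    for event in classify_invalid_users(SAMPLE):
        print(event)
```

Events labelled directory-unavailable point at the name-service lookup rather than at the account or password, which is useful when failed-login alerts spike during an LDAP or TLS misconfiguration.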