Re: Re: Re: redhat nis client, freebsd nis server

In response to adellam:

It turns out that bsd is using md5 AND des (I don't know how it's
working, but it is), while redhat is using md5. The profile I'm using to
test is using an md5 password (begins with $1$), however, so at least
for that id the authentication hash matches between nis server and nis
client.

bsd wanted to use master.passwd.byname instead of shadow.byname, but to
check if this was the problem I changed the yp Makefile to build shadow
in addition to master.passwd. I also changed my /etc/nsswitch.conf file
to match what you listed in your message. I've tried these changes using
both pam_unix.so and pam_pwdb.so in my /etc/pam.d files related to
logging in (system-auth, login, rsh). As root, I can do 'ypmatch profile
shadow.byname' and get the encrypted password, but as the user, I get
"Internal NIS error" (but then again, I can't login on the redhat
machine as an NIS user). If I'm on a BSD nis client, and run 'ypmatch
user_name shadow.byname' I get an error.

from /etc/nsswitch.conf:
=-=-=-=-=-=-=
passwd:    compat
shadow:    files nis
group:     compat
=-=-=-=-=-=-=
from /etc/passwd:
=-=-=-=-=-=-=
...
+::::::
=-=-=-=-=-=-=
from /etc/group:
=-=-=-=-=-=-=
...
+:
=-=-=-=-=-=-=

Login on redhat nis client machine as root and 'su - nistest' works:
=-=-=-=-=-=-=
sh-2.05$ ypmatch nistest shadow.byname
Can't match key nistest in map shadow.byname. Reason: Internal NIS error
sh-2.05$ ypmatch nistest passwd.byname
nistest:*:1032:20:Nis Tester:/home/nistest:/bin/sh
=-=-=-=-=-=-=

Errors in /var/log/messages on Redhat 7.2 nis client machine when trying
to rsh using nis profile:
with pam_pwdb as auth in /etc/pam.d/system-auth
=-=-=-=-=-=-=
Nov 22 22:41:35 redhat_host pam_rhosts_auth[2501]: denied to grega@freebsd
as nistest: access not allowed
Nov 22 22:41:39 redhat_host PAM_pwdb[2501]: authentication failure;
(uid=0) -> nistest for rlogin service
Nov 22 22:41:40 redhat_host in.rlogind[2501]: PAM authentication failure
for in.rlogind
Nov 22 22:41:42 redhat_host PAM_pwdb[2502]: authentication failure;
(uid=0) -> nistest for login service
=-=-=-=-=-=-=
with pam_unix as auth in /etc/pam.d/system-auth
=-=-=-=-=-=-=
Nov 22 23:02:26 redhat_host pam_rhosts_auth[2998]: denied to grega@freebsd
as nistest: access not allowed
Nov 22 23:02:30 redhat_host rlogin(pam_unix)[2998]: authentication
failure; logname= uid=0 euid=0 tty=rlogin ruser=grega rhost=freebsd 
user=nistest
Nov 22 23:02:32 redhat_host in.rlogind[2998]: PAM authentication failed
for in.rlogind
=-=-=-=-=-=-=


Banging my head against a wall...

Greg
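
The ypmatch results in the message above can be checked mechanically with a small shell helper. This is an added example, not part of the original post: the function names are hypothetical, and the shadow and DES sample entries are constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical, sample entries are constructed.

# Print the scheme of the password field (2nd colon-separated field) of one
# map entry as printed by `ypmatch <user> <map>`.
classify_pw_field() {
    field=$(printf '%s\n' "$1" | cut -d: -f2)
    case "$field" in
        '')          echo empty ;;
        x|'*'*|'!'*) echo placeholder ;;   # hash kept elsewhere, or account locked
        '$1$'*)      echo md5-crypt ;;
        '$'*)        echo other-modular ;;
        *)  # traditional DES crypt: exactly 13 characters from [./0-9A-Za-z]
            if [ "${#field}" -eq 13 ] &&
               ! printf '%s' "$field" | grep -q '[^./0-9A-Za-z]'; then
                echo des-crypt
            else
                echo unknown
            fi ;;
    esac
}

# Given the passwd.byname entry and the shadow.byname entry (empty string when
# the lookup failed), print the map that yields a usable hash, or "none".
usable_hash_source() {
    case "$(classify_pw_field "$1")" in
        md5-crypt|des-crypt|other-modular) echo passwd.byname; return 0 ;;
    esac
    case "$(classify_pw_field "$2")" in
        md5-crypt|des-crypt|other-modular) echo shadow.byname; return 0 ;;
    esac
    echo none
}

SAMPLE_PASSWD='nistest:*:1032:20:Nis Tester:/home/nistest:/bin/sh'   # from the post
SAMPLE_SHADOW='nistest:$1$CONSTRUCT$notARealHashValue0000:::::::'    # constructed
SAMPLE_DES='olduser:ab0123456789X:1033:20::/home/olduser:/bin/sh'    # constructed

# The unprivileged case from the post: shadow.byname lookup failed.
usable_hash_source "$SAMPLE_PASSWD" ""
```

A result of "none" means the process doing the lookup received no hash from either map, so a password comparison cannot succeed for that user.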

_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list