On Mon, 24 Feb 2003, John Oliver wrote: > > Check the your /var/log/messages file for any ssh entries. These will tell > > you what is causing the problem. > > There *are* no entries for the login attempt in /var/log/messages or > /var/log/secure If there were, I would have posted them. That usually indicates that no call is being made to pam or sshd at all. Is the client actually getting a connection to sshd - perhaps you have not enabled sshd in /etc/hosts.allow? Does ssh work if you run it without pam_winbind? > > Do post the entries if you cannot work it out yourself from what they say > > - but be sensible and don't post hundreds of lines of logs where only a > > few are unique. > > Puh-leeeease... :-) I may be an idiot about *some* things, but that > ain't one of 'em... :-) Sorry, but it sometimes seems that 90% of the time when I ask for log entries I get 100K of repeating text back. > No, I haven't. Here's the /etc/pam.d/sshd: > > #%PAM-1.0 > auth sufficient /lib/security/pam_winbind.so > auth required /lib/security/pam_stack.so service=system-auth > auth required /lib/security/pam_nologin.so > account required /lib/security/pam_stack.so service=system-auth > account sufficient /lib/security/pam_winbind.so I think you want to reverse the order you are listing the account entries in. As it's listed here it wont work. > One weird thing... after I got winbind authentication working (for > telnet and ftp, that is), I kept monkeying and poking and prodding, > trying to get SSH working. On two machines out of 13 or so, it just > suddenly started working. All of the config files I could find were > identical, though. I've never touched the SSH config files, only the > PAM config. And the files are literally identical... diff returns > nothing. Could it be that ssh was restarted on those boxes? Please test this before saying yes or no as I've bitten myself that way before. Jason Clifford -- UKFSN.ORG Finance Free Software while you surf the 'net http://www.ukfsn.org/ Get the T-Shirt Now _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
