I actually do not have a johnl user on my system. On the ldap server, I have uidNumber and guiNumber attributes for johnl equal to 500 which is a standard user on my Linux system. I want to drop everyone into this one standard Linux user so I don't have to create multiple accounts on my Linux systems (I have many, many users across thousands of machines). The log files will show the username from the LDAP server, so I will know who logged in, but once logged in, everyone will become the standard Linux user.
Regards,
From: Ed Schmollinger <schmolli@xxxxxxxxxxxxxx> Reply-To: pam-list@xxxxxxxxxx To: pam-list@xxxxxxxxxx Subject: Re: SSH and Pam: shell /bin/bash does not exist Date: Wed, 3 Dec 2003 12:10:40 -0600
On Tue, Dec 02, 2003 at 06:48:00AM -0700, Gabby James wrote:
> When I try to ssh into the system, I receive the following error messages
> in /var/log/secure:
>
> Dec 2 07:37:55 2d2-dhcp-2-2-2 sshd[11560]: User johnl not allowed because
> shell /bin/bash does not exist
> Dec 2 07:37:55 2d2-dhcp-2-2-2 sshd[11560]: input_userauth_request: illegal
> user johnl
> Dec 2 07:37:55 2d2-dhcp-2-2-2 sshd[11560]: Failed none for illegal user
> johnl from 10.2.1.3 port 32932 ssh2
> Dec 2 07:37:57 2d2-dhcp-2-2-2 sshd[11560]: Failed password for illegal
> user johnl from 10.2.1.3 port 32932 ssh2
>
> [ ... ]
>
> I can use telnet without any problems, but ssh gives me problems.
> /bin/bash does exist on my system. It is executable, owned by root and has
> a mode of 766.
Sounds like a misleading error message. Change the mode on /bin/bash to be 755. Why oh why is /bin/bash world-writable?
Oh the off chance that you typoed and meant to say the mode was 755, you may also want to double-check that there isn't a trailing whitespace on the johnl passwd file entry. The log message appears to have an extra space in it.
-- Ed Schmollinger - schmolli@xxxxxxxxxxxxxx << attach3 >>
_________________________________________________________________
Winterize your home with tips from MSN House & Home. http://special.msn.com/home/warmhome.armx
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
