-----Original Message-----
From: redhat-list-admin@xxxxxxxxxx on behalf of Simran Hansrai
Sent: Fri 1/2/2004 5:01 PM
To: redhat-list@xxxxxxxxxx
Subject: Re: Possibly Hacked
Okay, now this might make a little more sense.. the error message:
simran@hostnames password:
Permission denied, please try again.
simran@hostnames password:
Unable to find an authentication method
I tried to deploy an ldap server on this host before leaving and
reverted my changes since I was unable to get ldap up and running at the
time. I did check my nsswitch.conf file and it shows for passwd, group
and shadow files first and then ldap. So this should not be the cause
but I might be missing something else. Hopefully I am on the right
track.. Could this be the issue?
-Simran
Nsswitch isn't the only factor here. PAM would be doing your authentication.
If you don't have a LDAP server available then disable it for authentication.
There was a bug in RH <= 8 where if you have configured PAM to use LDAP
and the LDAP server goes unavailable that local logins will break also.
A fix was to change a line in /etc/pam.d/system-auth, but if you aren't
using LDAP at all then you should disable it entirely via authconfig.
-Steve
