Date:      Thu, 27 Mar 2008 11:17:26 +0100
From:      Frank Bonnet <f.bonnet@esiee.fr>
To:        Paul Schmehl <pauls@utdallas.edu>
Cc:        bseklecki@collaborativefusion.com, freebsd-questions@freebsd.org
Subject:   Re: Working /etc/pam.d/sshd file with pam_ldap  6.3 or 7.0 ?
Message-ID:  <47EB7436.3010901@esiee.fr>
In-Reply-To: <415463677EAE17931859BFF9@[10.110.3.94]>
References:  <47E90D72.3060909@esiee.fr>	<1206456103.18298.88.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com>	<47E91ACF.1040804@esiee.fr>	<1206459218.18298.100.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com>	<47EA6563.3030109@esiee.fr> <415463677EAE17931859BFF9@[10.110.3.94]>

Paul Schmehl wrote:
> Please don't top post.  It disrupts the flow of the conversation.  (See 
> below for my response.)
> 
> --On Wednesday, March 26, 2008 4:01 PM +0100 Frank Bonnet 
> <f.bonnet@esiee.fr> wrote:
> 
>> Hello
>>
>> After having spent several hours on it I can't have a working
>> ssh access that uses PAM_LDAP on a FreeBSD 6/7 machine!
>>
>> I have no problem on a Linux Debian etch box ...
>>
>> Where are we going if Linux works better than BSD ? :-)
>>
> 
> Setting up pam ldap ssh access on a FreeBSD box takes less than five 
> minutes *after* installing the correct ports.
> 
> 1) net/openldap-client
> 2) security/pam_ldap
> 
> Then configure ldap.conf (in /usr/local/etc/) which is quite simple:
> host {your ldap server(s), either hostname(s) or ip(s), in a space-separated list}
> dc (your dn)
> 
> Then configure /etc/pam.d/sshd thus:
> auth            sufficient      /usr/local/lib/pam_ldap.so      no_warn try_first_pass
> 
> That's all that is needed.
> 

That's what I did. I have used nss_ldap and pam_ldap for a long time now
on many platforms, and that is what does not work.



> If it doesn't work, fire up wireshark (port) or tcpdump (base) and see 
> what the problem is.

At the very last extremity, why not?
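
One thing to rule out before reaching for a packet capture, when a pam_ldap line like the one quoted above is present but logins still fail, is where that line sits in the auth stack relative to pam_unix. The following is an added example, not part of the original message or of FreeBSD; the function name and the sample stacks are constructed, and it assumes that a `required` or `requisite` pam_unix line evaluated earlier rejects accounts that exist only in LDAP.

```shell
#!/bin/sh
# Added example (not from the thread): check where pam_ldap sits in a PAM auth stack.
# Returns 0 when an active pam_ldap auth line is not preceded by a required/requisite
# pam_unix line, 1 otherwise. Findings are printed to stdout.
check_pam_ldap_auth() {
    awk '
        $1 ~ /^#/ || NF < 3 || $1 != "auth" { next }   # comments, blanks, other facilities
        $3 ~ /pam_ldap(\.so)?$/ && !ldap { ldap = NR; ctl = $2 }
        $3 ~ /pam_unix(\.so)?$/ && $2 ~ /^(required|requisite)$/ && !unix { unix = NR }
        END {
            if (!ldap) { print "FAIL: no active auth line loads pam_ldap"; exit 1 }
            if (ctl != "sufficient") print "WARN: line " ldap " uses control flag " ctl
            if (unix && unix < ldap) {
                print "FAIL: pam_unix (line " unix ") is evaluated before pam_ldap (line " ldap ")"
                exit 1
            }
            print "OK: pam_ldap (line " ldap ") is not preceded by a blocking pam_unix line"
        }
    ' "$1"
}

# Constructed sample stacks (assumed layouts, not files from the thread).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' \
        '# constructed: pam_ldap line from the thread placed first' \
        'auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass' \
        'auth required pam_unix.so no_warn try_first_pass' > "$d/good"
    printf '%s\n' \
        'auth required pam_unix.so no_warn try_first_pass' \
        'auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass' > "$d/late"
    printf '%s\n' \
        '#auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass' \
        'auth required pam_unix.so no_warn try_first_pass' > "$d/commented"
    for f in good late commented; do
        echo "== $f"
        check_pam_ldap_auth "$d/$f" || echo "(status 1)"
    done
    rm -rf "$d"
}
demo
```

On a real host the function would be called as `check_pam_ldap_auth /etc/pam.d/sshd`.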



