sshd could not initialize ldap connection

by Chris Covell-2

Hey guys,

I have got openssh-lpk working in my CentOS environment \o/

I am tuning now and have got a small problem. When I start sshd I get the following message:

# /etc/init.d/sshd restart
starting /usr/local/sbin/sshd... \c
ldap_simple_bind_s(): Inappropriate authentication
[LDAP] could not initialize ldap connection
done.

It is funny, as the system actually works! I can ssh to the server as a user whose public key is in the directory and a home directory is created.

I realise that this is probably an issue with the rest of the set up rather than the lpk bits, but wondered if anyone on the list could help?

I am not using any form of encryption (TLS or SSL) to secure the binds to the directory; my config files are:

/etc/pam.d/sshd
+--------------------+
#%PAM-1.0
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
auth       sufficient   pam_ldap.so debug
account    required     pam_stack.so service=system-auth
account    sufficient   pam_ldap.so debug
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    required     pam_limits.so
session    optional     pam_console.so
session    required     pam_mkhomedir.so skel=/etc/skel umask=0077
+--------------------+

/usr/local/etc/sshd-config
+--------------------+
UsePAM yes
#LPK
UseLPK yes
# LpkLdapConf /etc/ldap.conf

LpkServers         ldap://rbl01x
LpkBindDN          cn=Manager,dc=control,dc=com
LpkBindPW          secret
LpkForceTLS        no
LpkSearchTimelimit 3
LpkBindTimelimit   3
+--------------------+

/etc/ldap.conf
+--------------------+
ssl no
pam_password md5
host rbl01x
base dc=control,dc=com
ldap_version 2
binddn dc=control,dc=com
scope sub
+-------------------+

/etc/pam.d/system-auth
+-------------------+
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so

Chris Covell


This message has been scanned for viruses by SurfControl on-demand services - www.surfcontrol.com
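
An added example, not part of the original post and not openssh-lpk code: a small audit of the Lpk bind settings posted above, flagging a bind password sent over unencrypted ldap:// and a bind as the directory manager. It assumes that without `LpkForceTLS yes` the connection may stay unencrypted and that a cn=Manager/admin/root DN is an administrative account; the function names and finding codes are invented for this example.

```python
import re

# Lpk bind lines of the sshd config, copied from the post above.
POSTED_CONFIG = """\
UsePAM yes
UseLPK yes
# LpkLdapConf /etc/ldap.conf
LpkServers         ldap://rbl01x
LpkBindDN          cn=Manager,dc=control,dc=com
LpkBindPW          secret
LpkForceTLS        no
"""

def parse_directives(text):
    """Map lowercased keyword -> value, skipping comments and blank lines."""
    directives = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        # Keep the first occurrence, as sshd does for repeated keywords.
        directives.setdefault(parts[0].lower(), parts[1] if len(parts) > 1 else "")
    return directives

def audit_lpk(text):
    """Return finding codes (names invented here) for the LPK bind settings."""
    d = parse_directives(text)
    if d.get("uselpk", "no").lower() != "yes":
        return []
    findings = []
    servers = d.get("lpkservers", "").split()
    # Assumption: without "LpkForceTLS yes" an ldap:// connection may stay unencrypted.
    tls_forced = d.get("lpkforcetls", "no").lower() == "yes"
    cleartext = any(s.lower().startswith("ldap://") for s in servers) and not tls_forced
    bind_dn, bind_pw = d.get("lpkbinddn"), d.get("lpkbindpw")
    if cleartext:
        findings.append("cleartext-transport")
        if bind_pw:
            # A simple bind sends the password as-is, so it is readable on the wire.
            findings.append("bind-password-on-wire")
    # Heuristic: conventional names for a directory administrator account.
    if bind_dn and re.match(r"cn=(manager|admin|root)\b", bind_dn, re.I):
        findings.append("privileged-bind-dn")
    if bind_dn and not bind_pw:
        findings.append("bind-dn-without-password")
    return findings

if __name__ == "__main__":
    for code in audit_lpk(POSTED_CONFIG):
        print(code)
```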

RE: sshd could not initialize ldap connection

by Chris Covell-2

Hey there, I know it is not good form to reply to your own problems, but I have solved it. I just removed the lpkbind entries in the sshd-config file. I presume it is now using the default ldap data to bind etc.

Chris

From: Chris Covell [mailto:Chris.Covell@...]
Sent: 05 December 2006 14:28
To: openssh-lpk-user@...
Subject: [openssh-lpk] sshd could not initialize ldap connection


Re: sshd could not initialize ldap connection

by Eric Auge

Hello Chris,

Were you sure of your credential?
Can you submit a ticket so we can track the bug and not forget it, please :)

Thanks a lot,
Regards,
Eric

Chris Covell wrote:

> Hey there, I know it is not good form to reply to your own problems, but
> I have solved it. I just removed the lpkbind entries in the sshd-config
> file. I presume it is now using the default ldap data to bind etc.
>
> Chris

