* [Comm] PAM, MySQL, sshd.
@ 2005-12-19 18:34 Pavlov Konstantin
0 siblings, 0 replies; only message in thread
From: Pavlov Konstantin @ 2005-12-19 18:34 UTC (permalink / raw)
To: sisyphus, community
Привет всем.
Есть задача сделать возможной авторизацию на сервере пользователей,
данные о которых храняться в MySQL.
Для этого использую:
pam-mysql-0.7-alt9.pre3 (обновленная версия из sisyphus),
nss-mysql-1.0-alt1 с http://savannah.nongnu.org/projects/nss-mysql/ (в
сизифе пока нет)
Пока смог достичь того, что пользователи могут логиниться локально
(с клавиатуры :), посредством "su - username" и по FTP (proftpd).
При логине по ssh выводит следующее:
---
Dec 19 21:20:54 exchange sshd[29795]: Unknown username from
172.16.127.131
...
Dec 19 21:20:54 exchange sshd[29795]: pam_mysql - SELECT password FROM
user WHERE user_name = 'ILLEGAL USER'
Dec 19 21:20:54 exchange sshd[29795]: pam_mysql - SELECT returned no
result.
...
Dec 19 21:20:55 exchange sshd[29795]: pam_tcb(sshd:auth):
Authentication failed for UNKNOWN USER from (uid=0)
---
Собственно /etc/pam.d/sshd:
---
#%PAM-1.0
auth required pam_userpass.so
auth sufficient pam_mysql.so user=nssuser passwd=nsssqluser
db=nss table=user usercolumn=user_name passwdcolumn=password crypt=0
verbose=1 use_first_pass
auth required pam_tcb.so shadow fork prefix=$2a$ count=8
nullok nodelay blank_nolog use_first_pass auth required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
---
Подскажите, что не так?
--
Best regards,
Pavlov Konstantin, CPMS Network
http://network.cpms.ru/
jid: thresh@altlinux.org
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-12-19 18:34 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-12-19 18:34 [Comm] PAM, MySQL, sshd Pavlov Konstantin
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git