Problem w/ PAM…
Sean P. Malone
smalone at udallas.edu
Wed Aug 10 22:28:23 GMT 2005
…and the problem is evidently me!
Okay. I was messing around with pam_radius in and attempt to
authenticate POP requests off of our existing Active Directory.
Although I was able to get SSH to authenticate off of AD, I never could
get POP. Today I finally realized that our checkpasswd program can ONLY
valid off of the local user DB – we use qmail. That made sense so I
decided to ditch pam_radius.
In my eagerness to get rid of it and move on, I believe that I’ve delete
a file(s) from /user/lib. Namely, pam_radius.s0 and pam_radius.s02
(from memory). If it is true that the absence of these original files
is causing my problem, I really need to somehow restore PAM. It seems
that I have a “fail open” situation here. I can ssh to the host and get
a shell without entering a password. Luckily, one cannot ssh in as
root, but one can first ssh in as them self (w/o being asked a password)
and then su right into root – yes, w/o a password!
I’m novice enough to blame myself right off the bat for moving to fast.
Thus, I’ve pulled the system off the network and am hoping that I can
somehow restore PAM w/o a reinstall. The system is still non-production
so, sigh, there is no backup. :(
Does anyone know if I can fix PAM? FreeBSD v5.3
Thanks!
Sean
More information about the freebsd-questions
mailing list