Re: Problem w/ PAM…

[Hornet]

On 8/10/05, Sean P. Malone <smalone at udallas.edu> wrote:
> 
> 
> …and the problem is evidently me!
> 
> Okay.  I was messing around with pam_radius in and attempt to
> authenticate POP requests off of our existing Active Directory.
> Although I was able to get SSH to authenticate off of AD, I never could
> get POP.  Today I finally realized that our checkpasswd program can ONLY
> valid off of the local user DB – we use qmail.  That made sense so I
> decided to ditch pam_radius.
> 
> In my eagerness to get rid of it and move on, I believe that I've delete
> a file(s) from /user/lib.  Namely, pam_radius.s0 and pam_radius.s02
> (from memory).  If it is true that the absence of these original files
> is causing my problem, I really need to somehow restore PAM.  It seems
> that I have a "fail open" situation here.  I can ssh to the host and get
> a shell without entering a password.  Luckily, one cannot ssh in as
> root, but one can first ssh in as them self (w/o being asked a password)
> and then su right into root – yes, w/o a password!
> 
> I'm novice enough to blame myself right off the bat for moving to fast.
>   Thus, I've pulled the system off the network and am hoping that I can
> somehow restore PAM w/o a reinstall.  The system is still non-production
> so, sigh, there is no backup. :(
> 
> Does anyone know if I can fix PAM?  FreeBSD v5.3
> 
> Thanks!
> 
> Sean
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> 


I would try reinstalling openssh. If that does not fix your problem,
backup what your need and reinstall.

-Erik-