pam and ssh
Daniel Graupner
listen at danielgraupner.de
Fri Apr 18 10:46:59 PDT 2003
Hello,
I'm using pam_mysql for Password-Authentication. It works well with
apache and samba. But ssh is a bit strange.
I did the following changes to the configfile /etc/pam.conf:
# OpenSSH with PAM support requires similar modules. The session one is
# a bit strange, though...
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so
no_fake_prompts
#sshd auth requisite pam_opieaccess.so
#sshd auth sufficient pam_kerberosIV.so
try_first_pass
#sshd auth sufficient pam_krb5.so
try_first_pass
#pam_unix durch mysql ersetzen
#sshd auth required pam_unix.so
try_first_pass
sshd auth required /usr/local/lib/pam_mysql.so
host=filer ...
sshd account required /usr/local/lib/pam_mysql.so
host=filer ...
sshd account required pam_unix.so
#sshd password required pam_permit.so
sshd session required pam_permit.so
Hmm, I really don't know what each line stands for.
The corresponding user in passwd exists (without password...this is
stored in mysql).
After failed Authentication the following lines appeared in
/var/log/messages:
Apr 18 17:27:16 filer sshd[845]: adding faulty module:
/usr/local/lib/pam_mysql.so
Apr 18 17:27:16 filer sshd[845]: error: PAM: Module is unknown
Apr 18 17:27:46 filer sshd[849]: unable to
dlopen(/usr/local/lib/pam_mysql.so)
Apr 18 17:27:46 filer sshd[849]: [dlerror: Shared object
"libmysqlclient.so.12" not found]
Apr 18 17:27:46 filer sshd[849]: adding faulty module:
/usr/local/lib/pam_mysql.so
Apr 18 17:27:46 filer sshd[849]: error: PAM: Module is unknown
Apr 18 17:27:55 filer sshd[854]: unable to
dlopen(/usr/local/lib/pam_mysql.so)
Apr 18 17:27:55 filer sshd[854]: [dlerror: Shared object
"libmysqlclient.so.12" not found]
Apr 18 17:27:55 filer sshd[854]: adding faulty module:
/usr/local/lib/pam_mysql.so
Apr 18 17:27:55 filer sshd[854]: error: PAM: Module is unknown
Any Suggests?
Thanks, Daniel.
P.S. Freebsd 4.7, 4.8
More information about the freebsd-questions
mailing list