We use novell directory services to authenticate users. We are running solaris 8,7 and 6. Our current version of ssh is "OpenSSH_3.4p1".. This works fine with nds but not the current version. When we do some traces in NDS we see that the user is hitting the nds server but we are not getting error messages from nds. As soon as we put the original version of ssh back.. authentication works. THe reason we are upgrading is because of all the security issues that have been posted. Please let me know how to proceed. I'm posting our pam.conf configuration for ssh. sshd auth sufficient /usr/lib/security/pam_nds.so.0 sshd account sufficient /usr/lib/security/pam_nds.so.0 sshd session sufficient /usr/lib/security/pam_nds.so.0 sshd password required /usr/lib/security/pam_nds.so.0 sshd auth required /usr/lib/security/pam_unix.so.1 try_first_pass sshd account required /usr/lib/security/pam_unix.so.1 sshd session required /usr/lib/security/pam_unix.so.1 sshd password sufficient /usr/lib/security/pam_unix.so.1
What do you mean by "we are not getting error messages from nds"? Does the authentication work but you don't get messages from the session modules? Or does it not authenticate? Do you have "PasswordAuthentication no" and "ChallengeResponseAuthentication yes" in sshd_config?
Please try a recent snapshot (20031118 or later), there have been several PAM fixes. Also, please elaborate on "not getting error messages from nds".
No response = closed bug. Please reopen if you have more info.
Mass change of RESOLVED bugs to CLOSED