The problem is NSCD! As soon as I turn it off, the problem goes away. Not sure what to make of that at all.
Misty
On Friday 24 September 2004 11:31, Danny Sauer wrote:
Misty wrote regarding 'Re: [SLE] pam_ldap and ssh' on Fri, Sep 24 at 09:48:
On Thursday 23 September 2004 15:59, Danny Sauer wrote:
Crank up the debug level on your LDAP server and see if it's being contacted or not. There are a few things that could be wrong, but
... <snip> ...
--Danny
You are right! Here is the output I am getting:
TLS: can't accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052
conn=0 fd=10 closed
Any ideas about this?
This is just a guess, but from "unknown ca" I'm guessing that you used an unknown certificate authority. :) Again, I'm just guessing here, but do you have the correct files on the LDAP server to get TLS connections working? Have you verified that TLS works by connecting with another program, like gq? I'd look over the SSL setup stuff on the LDAP server and make sure that's all perfect... The setup steps are documented all over the internet, IIRC.
I can't help much more than Google, though, as I only use LDAP over a trusted network and thus haven't put any time into configuring any transport-level security. :)
--Danny, who should learn about LDAP over SSL someday, though