Misty wrote regarding '[SLE] pam_ldap and ssh' on Thu, Sep 23 at 15:50:
Hi all,
I have gotten nss_ldap and pam_ldap to work. I can su to any user on my LDAP server. However, I need to be able to ssh in as any user with a valid shell. Right now I can only ssh as a local user (root is the only one that exists). I have used the pam.d files that come with pam_ldap, including the sshd one. I get asked for the password 3 times and then it fails, even though I am putting in the correct password. If I run sshd in debug mode, it says that it is rejecting an illegal user.
Using SuSE 9.1 updated with the latest openLDAP2 running on the same server.
Any help or suggestions are appreciated!
Crank up the debug level on your LDAP server and see if it's being contacted or not. There are a few things that could be wrong, but common are 1) messed up pam.d/whatever file or 2) messed up auth settings in slapd.conf. If you turn the debug level up a little in slapd.conf, you'll see what, if anything, the client is sending over. That will probably help some... --Danny