I hope this is the correct list for this question. Since it has to do
with login and authentication, I thought "security" was the closest
match I could find. I've been browsing the SuSE list archives for a week
(along with everything else I could find on Google) with no success. I'm
seriously losing my hair over this.
I have recently installed SuSE Linux 8.0 on two separate machines. My
other machines at home are both running FreeBSD (4.6-STABLE). They are
the NIS master and slave servers, respectively.
I have used YAST2 to initiate an "NIS Client" on the Linux boxes. Ypbind
and ypwhich are both running successfully and returning proper
information. I can "finger" all of the NIS users and I can ypcat passwd,
master.passwd, etc. However, I cannot login with an NIS user. I have
turned "debug" on in security/pam_unix2.conf, and here is the
Jul 26 09:44:25 horace sshd: pam_unix2: pam_sm_authenticate()
Jul 26 09:44:25 horace sshd: pam_unix2: username=[glen]
Jul 26 09:44:25 horace sshd: pam_unix2: wrong password, return
Jul 26 09:44:25 horace sshd: Failed password for glen from ::1
port 32772 ssh2
In this case, it's from sshd, but I get the same results from login and
kdm as well.
Here's what "ypcat passwd" returns (just a sample):
Here's what "ypcat master.passwd.byname" returns (again, a sample):
(1) it has been suggested that the MD5 encryption used in the FreeBSD
password file is causing the problem. However, I have been able to cut a
password from the BSD password file into the Linux password file and it
worked just fine (for a local user). I don't think that's the problem.
(2) The BSD password file has "*" in the second field, which indicates
the password is stored in master.passwd. SuSE Linux uses an "x" in the
second field to indicate that the password is stored in /etc/shadow.
Could this be the source of the conflict? If so, how do I configure SuSE
to recognize the "*" instead of the "x"?
(3) Beyond this, I'm at a total loss. I really have no idea how to debug
or fix this. I hate to have to set the Linux box as a standalone machine
because it does not support NIS.
Thanks in advance for your help,