[prev in list] [next in list] [prev in thread] [next in thread]
List: pamldap
Subject: Re: [pamldap] Revisited: Criteria for SHA userPassword
From: "Andrew A. Raines" <drew () phg ! mc ! vanderbilt ! edu>
Date: 2003-05-02 21:33:39
[Download RAW message or body]
"Michael A. Dickerson" <mikey@cs.pomona.edu> writes:
> It sounds like probably pam_ldap is not working at all and you
> are only able to log in with nssldap, which is just reading the
> password field and not trying to bind--hence nssldap would be
> sensitive to your choice of hash.
This looks correct. I didn't know nss would take over if PAM was
failing--especially with a PAM-enabled OpenSSH.
> Are you using simple binds, or SASL? Can you bind using some
> other client tool such as ldapsearch?
Simple auth. (I haven't delved into the world of SASL yet. Is it
worth the trouble?)
OK, an `ldapsearch -x -D dn -W' worked, so I suspect you're
suspicion is right. I'm trying to rebuild OpenSSL right now, which
is what's keeping me from compiling a newer version of pam_ldap.
Thanks for the response.
--
Drew
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic