if i include pam_access module i get unresolved simbols and i
coudn't
loguin. This is a severity problem for as
because whe have ours users in a ldap directori and only the users
of
a specified group whoud acces the server.
---
auth.log----------------------------------------------------------
--------------------
Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
pam_sm_authenticate
Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
pam_sm_setcred
Nov 5 09:27:45 emsrv sshd[2678]: error: PAM: Module is unknown for
jsoler from emsrv
--- /etc/pam.d/ssh
---------------------------------------------------
--------------------
# PAM configuration for the Secure Shell service
# Disallow non-root logins when /etc/nologin exists.
auth required pam_nologin.so
# Read environment variables from /etc/environment and
# /etc/security/pam_env.conf.
auth required pam_env.so # [1]
# Standard Un*x authentication.
auth required pam_access.so
@include common-auth
# Standard Un*x authorization.
@include common-account
# Standard Un*x session setup and teardown.
@include common-session
# Print the message of the day upon successful login.
session optional pam_motd.so # [1]
# Print the status of the user's mailbox upon successful login.
session optional pam_mail.so standard noenv # [1]
# Set up user limits from /etc/security/limits.conf.
session required pam_limits.so
# Standard Un*x password updating.
@include common-password
--- /etc/security/access.conf
----------------------------------------
-------------------------------------
# Sols es poden connectar el usuaris autoritzats
# Joan Carles Soler 18/10/2001
+: root :ALL
+: pharusuv-l :ALL
+: insauv-l :ALL
+: scsiuv-l :ALL
#+: siuv-l :ALL
+: emsrv :ALL
-: ALL EXCEPT LOCAL:ALL
----------------------------------------------------------------------
---------
NOTE: pharusuv-l insauv-l scsiuv-l ... are groups in our ldap system
too
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (101, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.5-1-686-smp
Locale: LANG=es_ES@euro, LC_CTYPE=es_ES@euro (ignored: LC_ALL set to
es_ES@euro)
Versions of packages ssh depends on:
ii adduser 3.59 Add and remove users
and
groups
ii debconf 1.4.30.8 Debian configuration
management sy
ii dpkg 1.10.23 Package maintenance
system for Deb
ii libc6 2.3.2.ds1-18 GNU C Library: Shared
libraries an
ii libpam-modules 0.76-22 Pluggable
Authentication
Modules f
ii libpam-runtime 0.76-22 Runtime support for the
PAM librar
ii libpam0g 0.76-22 Pluggable
Authentication
Modules l
ii libssl0.9.7 0.9.7d-5 SSL shared libraries
ii libwrap0 7.6.dbs-6 Wietse Venema's TCP
wrappers libra
ii zlib1g 1:1.2.2-1 compression library -
runtime
Package: ssh
Version: 1:3.8.1p1-8.sarge.2
Severity: grave
Justification: renders package unusable
Tags: security
if i include pam_access module i get unresolved simbols and i
coudn't
loguin. This is a severity problem for as
because whe have ours users in a ldap directori and only the users
of
a specified group whoud acces the server.
--- ------- ------- ------- ------- ------- ------- ------- ------- - ------- ------
auth.log-
-------
Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
pam_sm_authenticate
Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
pam_sm_setcred
Nov 5 09:27:45 emsrv sshd[2678]: error: PAM: Module is unknown for
jsoler from emsrv
--- /etc/pam.d/ssh ------- ------- ------- ------- ------- ------- -- ------- ------
-------
-------
# PAM configuration for the Secure Shell service
# Disallow non-root logins when /etc/nologin exists.
auth required pam_nologin.so
# Read environment variables from /etc/environment and pam_env. conf.
# /etc/security/
auth required pam_env.so # [1]
# Standard Un*x authentication.
auth required pam_access.so
@include common-auth
# Standard Un*x authorization.
@include common-account
# Standard Un*x session setup and teardown.
@include common-session
# Print the message of the day upon successful login.
session optional pam_motd.so # [1]
# Print the status of the user's mailbox upon successful login.
session optional pam_mail.so standard noenv # [1]
# Set up user limits from /etc/security/ limits. conf.
session required pam_limits.so
# Standard Un*x password updating.
@include common-password
--- /etc/security/ access. conf ------- ------- ------- ------- ----- ------- ------- ------- ------- -- ------- ------- ------- ------- ------- ------- ------- ------- -------
-------
-------
# Sols es poden connectar el usuaris autoritzats
# Joan Carles Soler 18/10/2001
+: root :ALL
+: pharusuv-l :ALL
+: insauv-l :ALL
+: scsiuv-l :ALL
#+: siuv-l :ALL
+: emsrv :ALL
-: ALL EXCEPT LOCAL:ALL
-------
---------
NOTE: pharusuv-l insauv-l scsiuv-l ... are groups in our ldap system
too
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (101, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.5-1-686-smp
Locale: LANG=es_ES@euro, LC_CTYPE=es_ES@euro (ignored: LC_ALL set to
es_ES@euro)
Versions of packages ssh depends on:
ii adduser 3.59 Add and remove users
and
groups
ii debconf 1.4.30.8 Debian configuration
management sy
ii dpkg 1.10.23 Package maintenance
system for Deb
ii libc6 2.3.2.ds1-18 GNU C Library: Shared
libraries an
ii libpam-modules 0.76-22 Pluggable
Authentication
Modules f
ii libpam-runtime 0.76-22 Runtime support for the
PAM librar
ii libpam0g 0.76-22 Pluggable
Authentication
Modules l
ii libssl0.9.7 0.9.7d-5 SSL shared libraries
ii libwrap0 7.6.dbs-6 Wietse Venema's TCP
wrappers libra
ii zlib1g 1:1.2.2-1 compression library -
runtime
-- debconf information: rshd: environment_ tell: warning: telnetd: old_init_ script: true cr_auth: false keys_merged: _host_key_ but_no_ keygen:
ssh/insecure_
ssh/privsep_ask: true
* ssh/user_
* ssh/forward_
ssh/insecure_
ssh/new_config: true
* ssh/use_
* ssh/SUID_client: true
ssh/disable_
* ssh/privsep_tell:
ssh/ssh2_
* ssh/protocol2_only: true
ssh/encrypted
* ssh/run_sshd: true