Bug 141267
Summary: | servers cannot authenticate agains nis | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 3 | Reporter: | Jonathan Schatz <jon> |
Component: | glibc | Assignee: | Jakub Jelinek <jakub> |
Status: | CLOSED NOTABUG | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3.0 | CC: | k.georgiou, tmraz |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-12-03 23:25:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jonathan Schatz
2004-11-29 22:09:31 UTC
Could it be the bug 138937? Also could you try to look into the syslog if there is something suspicious? i don't think it's bug 138937, since none of these machines have had glibc updated on them (they were all installed from the U3 cd, and haven't had an upgraded glibc). here's what's in syslog when i try to ssh in: [root@engweb log]# tail /var/log/messages Nov 30 12:21:32 localhost portmap: portmap shutdown succeeded Nov 30 12:21:33 localhost portmap: portmap startup succeeded Nov 30 12:21:34 localhost ypbind: ypbind shutdown succeeded Nov 30 12:21:34 localhost ypbind: ypbind startup succeeded Nov 30 12:21:34 localhost ypbind: bound to NIS server a.vmware.com Nov 30 12:21:50 localhost sshd(pam_unix)[8398]: check pass; user unknown Nov 30 12:21:50 localhost sshd(pam_unix)[8398]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=remote.vmware.com Nov 30 12:22:10 localhost sshd(pam_unix)[8398]: check pass; user unknown Nov 30 12:22:15 localhost sshd(pam_unix)[8398]: check pass; user unknown Nov 30 12:22:17 localhost sshd(pam_unix)[8398]: 2 more authentication failures; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=remote.vmware.com What gives you 'getent passwd <username>' ? > What gives you 'getent passwd <username>' ?
[root@engweb root]# getent passwd jon
jon:apasswordhash:1001:201:Jonathan Schatz:/exit14/home/jon:/bin/bash
this is correct (and from nis).
Hmm, strange there seems to be no change in pam_unix between RHEL3 and RHEL3 U3. So this means the problem must be somewhere else. Do you have privilege separation enabled in SSH? What results (with syslog) you get if you try to login as the same user on console? Also could you set some simple password for this user and post complete getent passwd <username> output? ok, i'm not sure what was going on with nis here. i went to the console of the original machine i found this problem on, and could login fine. i then tried to ssh to the machine, and got the same error from above. i changed the sshd_config file to enable privsep, and restarted sshd. i then could log in. thinking i had solved the problem, i ssh'd into the other machines i had issues on to change their sshd configs, and found that i had no problems logging in at all (without changing their sshd config or restarting sshd). so i'm resolving this bug and assuming that something was out of whack on our nis servers. if i can somehow reproduce this issue i'll reopen this bug. |