Bug 84559

Summary: openssh not interacting with nis
Product: [Retired] Red Hat Linux Reporter: Richard Henderson <rth>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: high    
Version: 9   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-02-04 12:46:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Richard Henderson 2003-02-18 21:25:56 UTC 
Description of problem:

NIS users cannot log in via ssh.

Version-Release number of selected component (if applicable):

openssh-3.5p1-6

How reproducible:

Always.

Steps to Reproduce:
1. Set up NIS.
2. Log in successfully on console.
3. Attempt to log in via ssh -v.
    
Actual results:

debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /home/devel/rth/.ssh/id_dsa
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: try privkey: /home/rth/.ssh/id_rsa
debug1: try pubkey: /home/rth/.ssh/id_dsa
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
rth@frothingslosh's password: 

In /var/log/secure:
Feb 18 13:11:47 frothingslosh sshd[2462]: Illegal user rth from 172.16.50.18
Comment 1 Nalin Dahyabhai 2003-02-18 22:02:46 UTC 
What are the contents of the user's passwd (and shadow, if defined) entries in NIS?
Comment 2 Richard Henderson 2003-02-18 22:08:22 UTC 
[frothingslosh:~] ypcat passwd | grep '^rth:'
rth:*K*:2509:2515:Richard
Henderson,Engineering,1-408-542-9670:/home/devel/rth:/bin/bash

There is no yp shadow map.
Comment 3 Nalin Dahyabhai 2003-02-18 22:12:42 UTC 
After you enabled NIS, was sshd restarted so that it would re-read
/etc/nsswitch.conf?
Comment 4 Richard Henderson 2003-02-18 22:48:42 UTC 
I thought I'd rebooted since then, but apparently not.
Perhaps authconfig should be modified to take care of this?
Comment 5 Nalin Dahyabhai 2003-02-18 23:04:41 UTC 
I'm not sure I understand the question.

While authconfig starts or stops ypbind and nscd as appropriate, it can't
possibly know which currently-running daemons have read /etc/nsswitch.conf since
they were first started (and which therefore need to be restarted), and how to
restart them.
Comment 6 Tomas Mraz 2005-02-04 12:46:48 UTC 
Clearly a wontfix.