Highest Voted 'pam' Questions - Server Fault Stack Exchange

2

votes

0 answers

Unable to authenticate to AD using Kinit - cache file not found

I'm trying to set up Winbind with PAM and Kerberos to authenticate CentOS 7 against active directory. So far this is what I've done: yum -y install authconfig krb5-workstation pam_krb5 samba-common oddjob-mkhomedir yum -y install…

asked Dec 06 '16 at 18:28

GrahamBond

21
1
1
3

2

votes

0 answers

SSH login with defined authentication methods

I have a small server, and I would like to be able to login using SSH with 2 methods: Public key Password and then a PAM made in Python I successfully installed libpam-python, and added this line to /etc/pam.d/sshd: auth requisite …

ssh authentication pam

asked Nov 10 '16 at 12:11

Pita3145

21
1

2

votes

2 answers

Add all network users to local group for specific hosts in CentOS7

How would I add a network (sssd-ldap) user to a local group? More specifically, how can I add all network users who log into a system to a local group? It doesn't look like authconfig has a setting to add pam_group (unlike pam_access) and pam_group…

centos7 pam sssd

asked Sep 22 '16 at 20:05

84104

12,905
6
45
76

2

votes

2 answers

Can ssh generate a kerberos ticket? (FreeBSD)

TL;DR I want to be able to ssh from a FreeBSD host to a FreeBSD host, using my kerberos ticket generated when I first logged in. Question Environment FreeBSD 10.3 with working openldap-sasl-client, kerberos 5 (not heimdal), sssd, ssh, and joined to…

freebsd kerberos pam

asked Aug 18 '16 at 20:26

bgStack15

1,111
1
12
23

2

votes

2 answers

OpenLDAP client inside a docker container

I have a docker container running CentOS 6 with a non-root user and OpenLDAP. When I use getent passwd it just returns the data from /etc/passwd. The config file /etc/nsswitch.conf is customized accordingly (see below) and authconfig-gtk is used for…

centos ldap openldap docker pam

asked Jul 12 '16 at 10:03

Bonzai

151
1
6

2

votes

1 answer

LDAP changing password for wrong user?

I have an OpenLDAP server setup. I currently have two users added to my server. As far as my testing goes, a single user instance work just perfectly. My first issue arise when i have two users on the LDAP repository. Directly after adding my 2nd…

linux centos ldap openldap pam

asked Jul 10 '16 at 01:14

Stacknerd

43
5

2

votes

2 answers

How to configure pam sshd to allow different rules on different users/groups?

I'm configuring google two-factor authentication on an outbound server in the company I work for. Here are the relevant configurations: /etc/ssh/sshd_config: ubuntu@stage-itai-1:~$ egrep -v '^#' /etc/ssh/sshd_config | sed '/^\s*$/d' Port…

ssh authentication pam google-authenticator

asked Jun 14 '16 at 08:28

Itai Ganot

10,644
29
93
146

2

votes

0 answers

Kerberos-based SSH login requires local user account

I've recently set up a linux system (Debian-Jesse) which has joined an MS-Based Kerberos domain and been set up to allow Kerberos-based authentication for remote access. The only issue is, authentication won't succeed unless there's a matching local…

linux active-directory ssh kerberos pam

asked Apr 13 '16 at 17:17

Wesley Boynton

31
2

2

votes

1 answer

PAM authentication - Write error: broken pipe

In order to allow the 2FA in my domain, I setup a LinOTP server to manage the map between tokens and users (from LDAP) in my realm. So, I configured the PAM stack to integrate this authentication method also for SSH sessions: # /etc/pam.d/sshd #…

linux ssh authentication pam

asked Mar 10 '16 at 12:49

vdenotaris

123
2
8

2

votes

0 answers

pam_sss(sudo:auth): authentication failure

I'm having some CentOS 7 machines joined a windows domain with the following steps: #yum -y install realmd sssd oddjob oddjob-mkhomedir adcli samba-common #nmcli c modify eth0 ipv4.dns 192.168.3.18 #nmcli c down eth0; nmcli c up eth0 #realm discover…

active-directory centos7 pam

asked Feb 24 '16 at 14:33

Gabriel

61
1
6

2

votes

1 answer

SSH, Kerberos, AD: how / where to config /etc/pam.d/password-auth?

I have a CentOS 6 machine here and want to give SSH access for users from another forest, which is trusted. I got a temporary workaround, which is: 1) change content in /etc/pam.d/vncserver to auth include password-auth 2) add these two lines…

active-directory ssh password kerberos pam

asked Dec 23 '15 at 08:43

Thomasle

21
3

2

votes

1 answer

OpenLDAP - How to restrict Debian login to specific groups (posixGroup)?

I'm trying to restrict login to specific LDAP groups in Debian 8. The system is configured to use OpenLDAP (PAM) as authentication method. My goal is to configure the system to allow all local users (including root) plus LDAP users that belong to a…

debian ldap openldap login pam

asked Dec 16 '15 at 17:18

nowat

51
6

2

votes

0 answers

PAM Google Authenticator With SFTP And Other Apps

I'm attempting to set up a situation where SSH Authorized Key + Google Authenticator Code is sufficient to ssh into the server. This is working fine for normal SSH terminal operations - I'm prompted for a verification code, which I can enter, and be…

pam two-factor google-authenticator

asked Sep 28 '15 at 22:00

Ben

21
2

2

votes

2 answers

Postfix omits realm (@domain) when checking for smtpd pam+mysql authentication

I've trying to configure Postfix so users can send email through SMTP having a username and password. And I'm trying to store credential within a MySQL database. I've taken the path of saslauthd and pam and I'm stuck in the midway. Enabling the pam…

mysql postfix pam saslauthd

asked Jul 25 '15 at 18:48

Mehran

519
1
5
20

2

votes

1 answer

cannot login via ssh

Can not login to SLES server via ssh as user1. At the same time I can login as root user without any problem. Authentication method is password based. In /etc/ssh/sshd_config I have PasswordAuthentication yes. node1:~ # ssh -v -v -v user1@node2…

ssh pam

asked Jul 06 '15 at 10:07

Yuriy Vasylenko

253
1
3
9

Questions tagged [pam]