I am trying to SSH to a RHEL 5.x box using my AD credentials but getting the following errors.
Code:
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.16.20.24 user=chris
pam_krb5[10907]: authentication fails for 'chris' (chris@DOMAIN.COM): Authentication failure (KRB5 error code 68)
pam_smb: Missing Configuration file : /etc/pam_smb.conf
pam_winbind(sshd:auth): getting password (0x00000010)
pam_winbind(sshd:auth): pam_get_item returned a password
pam_winbind(sshd:auth): user 'chris' granted access
pam_krb5[10907]: account checks fail for 'chris': unknown reason -1765328316 (KRB5 error code 68)
pam_winbind(sshd:account): user 'chris' OK
pam_winbind(sshd:account): user 'chris' granted access
Failed password for chris from 172.16.20.24 port 51847 ssh2
fatal: Access denied for user chris by PAM account configuration
"getent passwd" gives all AD user accounts, "wbinfo -g" shows all AD groups, "wbinfo -u" shows all AD users.
"getent shadow" gives nothing (not sure if it is supposed to?)
/etc/pam_smb.conf has only two entries: the AD server's name and the IP address of the password server (AD)
/etc/nsswitch.conf has the following entries modified/ added:
passwd: files winbind compat
shadow: files winbind compat
group: files winbind
passwd_compat: ldap
shadow_compat: ldap
/etc/ssh/sshd_config has "UsePAM yes" - tried changing that to "UsePAM no" (and restart SSHD) and I get error when I log in:
Code:
error: Could not get shadow information for chris Failed password for chris from 172.16.20.24 port 47658 ssh2