Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've recently run across a problem that has me stumped. It has to do with local accounts on machines that have OpenLDAP installed. These are mostly Red Hat 4 and 5 installations.
I can create a user with adduser or useradd, either one. If I try to login with that new account, from SSH or from the console, I get "Access denied". However, I can su to that user, enter their password, and get all around the box. This shows that it's not strictly a credentials issue. I checked and there's no pam_deny, or anything like that.
I also double-checked permissions on /home/user and actually set everything to 777, with no joy.
Are there any other corners where an interactive login might be barred for new accounts?
Jun 9 15:08:38 testserver passwd(pam_unix)[10667]: password changed for testadmin
Jun 9 15:09:06 testserver sshd(pam_unix)[10668]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dhcp20.testdomain.com user=testadmin
I can su to that user, so login is working through that route. The failures happen both on the console and through SSH
SSH configs:
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
Host *
GSSAPIAuthentication yes
# If this option is set to yes then the remote X11 clients will have full access
# to the local X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.