ssh PasswordAuthentication scheme + Kerberos = invalid user
Hi,
I've spent the best part of the day on this. Our service team are using an online service (ServiceNow) that needs to access a continuously updated file. I set them up a standard chroot sftp only account but this did not work. Digging away these are the highlights: I found in ssh debug mode there was a difference with this app than when a user logged in: Code:
debug1: userauth-request for user servicenow2 service ssh-connection method password [preauth] Code:
debug1: userauth-request for user servicenow service ssh-connection method none [preauth] Next I found that in -ddd mode for ssh we had errors like this: Code:
input_userauth_request: invalid user servicenow [preauth] So somehow using PasswordAuthentication breaks ssh and PAM/kerberos. Does anyone know how this works and why? It seems like PasswordAuthentication simply does a local user look up and doesn't use PAM. Is there no setting for this? Thanks for reading. |
All times are GMT -5. The time now is 06:38 PM. |