I installed SuSE Linux Enterprise Server 9 (RC5) and during the install I choose Blowfish for password hashing. I've had no problem authenticating to "login" or "sshd", but no matter what I do with sudo (yes, my user is in /etc/sudoers) it keeps saying "Sorry, try again".
Contents of /etc/pam.d/sudo (doesn't work) is simply:
Code:
#%PAM-1.0
auth required pam_unix2.so
Contents of /etc/pam.d/login (works):
Code:
#%PAM-1.0
auth requisite pam_unix2.so nullok #set_secrpc
auth required pam_securetty.so
auth required pam_nologin.so
#auth required pam_homecheck.so
auth required pam_env.so
auth required pam_mail.so
account required pam_unix2.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_unix2.so none # debug or trace
session required pam_limits.so
Conents of /etc/pam.d/sshd (works):
Code:
#%PAM-1.0
auth required pam_unix2.so # set_secrpc
auth required pam_nologin.so
auth required pam_env.so
account required pam_unix2.so
account required pam_nologin.so
password required pam_pwcheck.so
password required pam_unix2.so use_first_pass use_authtok
session required pam_unix2.so none # trace or debug
session required pam_limits.so
# Enable the following line to get resmgr support for
# ssh sessions (see /usr/share/doc/packages/resmgr/README.SuSE)
#session optional pam_resmgr.so fake_ttyname
And just for good measure, /etc/security/pam_pwcheck.conf:
Code:
password: cracklib blowfish nullok use_cracklib
/etc/security/pam_unix2.conf:
Code:
auth:
account:
password: blowfish
session: none
So why this would work for login & sshd, but not sudo... I have no idea.