ssh and pam

From: Internet Protocol (ipv6@techie.com)
Date: Fri Feb 07 2003 - 15:07:11 EST

• Next message: Don Schultz: "Incorrect day, correct time +12hrs"
• Previous message: Internet Protocol: "ssh and pam"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I forgot to mention, we are not using tcpwrappers.

----- Original Message -----
From: "Internet Protocol" <ipv6@techie.com>
Date: Fri, 07 Feb 2003 14:27:14 -0500
To: sunmanagers@sunmanagers.org
Subject: ssh and pam

> Hello,
>
> Here is a quick synaposis:
> I can scp from box A to box B
> I cannot scp from box A to box C
> All files appear identical on B and C
>
> All 3 are running the same OS:
> SunOS host_A 5.6 Generic_105181-30 sun4u sparc SUNW,Ultra-Enterprise-10000
>
> All 3 are running the same versions of SSH:
> OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
>
> .ssh/authorized_keys are setup correctly on all 3 boxes
>
> The following was added to the /etc/pam.conf on all 3 boxes:
> sshd auth required /usr/lib/security/pam_unix.so.1
> sshd auth required /usr/lib/security/pam_suonly.so.1 suuser
>
> The /usr/lib/security/pam_suonly.so.1 is identical, perms, size, etc,
> on all 3 boxes
>
> On all 3 boxes the following entry is the same in the /etc/group:
> suuser::1004:testusr
>
> The whole purpose was that testusr could NOT be loged into directly,
> and could only be su'd into from another user, but could still scp
> files from B and C back to A using authorized keys.
>
> HostA:$ /usr/local/bin/scp hostB:/tmp/file file_B
> file 100% |*****************************| 4092
> 00:00
> HostA:$ /usr/local/bin/scp hostC:/tmp/file file_C
> Connection closed by 10.1.1.101
>
>
>
> TIA,
> William
>
>
> --
> __________________________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
> http://www.mail.com/?sr=signup
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
>

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Don Schultz: "Incorrect day, correct time +12hrs"
• Previous message: Internet Protocol: "ssh and pam"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:47 EDT