Ubuntu nis client does not authenticate against OpenBSD NIS server
Prabhu Gurumurthy
pgurumur at gmail.com
Sun Oct 22 22:48:22 UTC 2006
admin at dhcp-c17:~$ ypwhich
amazon.kashyapa.net
admin at dhcp-c17:~$ cat /etc/yp.conf
#
# yp.conf Configuration file for the ypbind process. You can define
# NIS servers manually here if they can't be found by
# broadcasting on the local net (which is the default).
#
# See the manual page of ypbind for the syntax of this file.
#
# IMPORTANT: For the "ypserver", use IP addresses, or make sure that
# the host is in /etc/hosts. This file is only interpreted
# once, and if DNS isn't reachable yet the ypserver cannot
# be resolved and ypbind won't ever bind to the server.
# ypserver ypserver.network.com
domain kashyapa server amazon
admin at dhcp-c17:~$ ypcat -k passwd.byname
_afs _afs:*:81:81:afs Daemon:/var/empty:/sbin/nologin
_bgpd _bgpd:*:75:75:BGP Daemon:/var/empty:/sbin/nologin
_dhcp _dhcp:*:77:77:DHCP programs:/var/empty:/sbin/nologin
_dvmrpd _dvmrpd:*:87:87:DVMRP Daemon:/var/empty:/sbin/nologin
_fingerd _fingerd:*:33:33:fingerd:/var/empty:/sbin/nologin
_ftp _ftp:*:84:84:FTP Daemon:/var/empty:/sbin/nologin
_hostapd _hostapd:*:86:86:HostAP Daemon:/var/empty:/sbin/nologin
_identd _identd:*:29:29:identd:/var/empty:/sbin/nologin
_isakmpd _isakmpd:*:68:68:isakmpd privsep:/var/empty:/sbin/nologin
_kadmin _kadmin:*:60:60:Kerberos Admin Server:/var/empty:/sbin/nologin
_kdc _kdc:*:59:59:Kerberos Server:/var/empty:/sbin/nologin
_mopd _mopd:*:78:78:MOP Daemon:/var/empty:/sbin/nologin
_ntp _ntp:*:83:83:NTP Daemon:/var/empty:/sbin/nologin
_ospfd _ospfd:*:85:85:OSPF Daemon:/var/empty:/sbin/nologin
_pflogd _pflogd:*:74:74:pflogd privsep:/var/empty:/sbin/nologin
_portmap _portmap:*:28:28:portmap:/var/empty:/sbin/nologin
_ppp _ppp:*:82:82:PPP utilities:/var/empty:/sbin/nologin
_rbootd _rbootd:*:80:80:rbootd Daemon:/var/empty:/sbin/nologin
_rstatd _rstatd:*:30:30:rpc.rstatd:/var/empty:/sbin/nologin
_rusersd _rusersd:*:32:32:rpc.rusersd:/var/empty:/sbin/nologin
_spamd _spamd:*:62:62:Spam Daemon:/var/empty:/sbin/nologin
_syslogd _syslogd:*:73:73:Syslog Daemon:/var/empty:/sbin/nologin
_tcpdump _tcpdump:*:76:76:tcpdump privsep:/var/empty:/sbin/nologin
_tftpd _tftpd:*:79:79:TFTP Daemon:/var/empty:/sbin/nologin
_x11 _x11:*:35:35:X Server:/var/empty:/sbin/nologin
bin bin:*:3:7:Binaries Commands and Source,,,:/:/sbin/nologin
daemon daemon:*:1:1:The devil himself:/root:/sbin/nologin
named named:*:70:70:BIND Name Service Daemon:/var/named:/sbin/nologin
nobody nobody:*:32767:32767:Unprivileged user:/nonexistent:/sbin/nologin
operator operator:*:2:5:System &:/operator:/sbin/nologin
pgurumur
pgurumur:$2a$06$qkAgGTLot8DIXVz3YGcmMOCoiF4PUl/qqPxN5KIzYy1ew.mJ2CN7W:1000:10::/home/pgurumur:/bin/ksh
popa3d popa3d:*:26:26:POP3 Server:/var/empty:/sbin/nologin
proxy proxy:*:71:71:Proxy Services:/nonexistent:/sbin/nologin
root
root:$2a$08$igBijMZn09ZtKGeQQiQ4CudPYCc9Qh0ITHq7pVVMn75Uy5nxQIuI.:0:0:Charlie
&:/root:/bin/ksh
smmsp smmsp:*:25:25:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
sshd sshd:*:27:27:sshd privsep:/var/empty:/sbin/nologin
uucp uucp:*:66:1:UNIX-to-UNIX Copy:/var/spool/uucppublic:/usr/libexec/uucp/uucico
www www:*:67:67:HTTP Server:/var/www:/sbin/nologin
when I try to login using my username, I get this error, what exactly is the
problem that I am facing I dont know.
Oct 22 15:39:29 dhcp-c17 sshd[4927]: (pam_unix) authentication failure; logname=
uid=0 euid=0 tty=ssh ruser= rhost=amazon.kashyapa.net user=pgurumur
Oct 22 15:39:31 dhcp-c17 sshd[4927]: Failed password for pgurumur from
172.29.17.2 port 24605 ssh2
admin at dhcp-c17:/etc/ssh$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
dhcp:x:101:101::/nonexistent:/bin/false
syslog:x:102:102::/home/syslog:/bin/false
klog:x:103:103::/home/klog:/bin/false
admin:x:108:108::/usr/home/admin:/bin/sh
sshd:x:100:65534::/var/run/sshd:/bin/false
ntp:x:109:109::/home/ntp:/bin/false
+::::::admin at dhcp-c17:/etc/ssh$ cat /etc/group
root:x:0:admin
daemon:x:1:admin
bin:x:2:admin
sys:x:3:admin
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:admin
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:admin
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:admin
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
dhcp:x:101:
syslog:x:102:
klog:x:103:
crontab:x:104:
ssh:x:105:admin
lpadmin:x:106:
scanner:x:107:
admin:x:108:
ntp:x:109:
+:::
What exactly is the problem? Is there a fix for it, fortunately I have ssh keys
setup, but the same problem will affect my sudo as it uses pam. I can disable
UsePAM in sshd_config, but that gives me error no error could not get shadow
information for the user: even though I have same setup as /etc/group on
/etc/shadow i.e /etc/shadow +:::
Here is my nsswitch.conf
admin at dhcp-c17:/etc/ssh$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: nis files
group: nis files
shadow: nis files
hosts: nis dns file mdns
networks: nis dns files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
Thanks
Prabhu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgurumur.vcf
Type: text/x-vcard
Size: 354 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20061022/dac64664/attachment.vcf>
More information about the ubuntu-users
mailing list