I am using a login via ssh





Here is the secure log material for my test USR



Aug 1 21:26:20 <client> unix_chkpwd[6558]: password check failed for user

(<NISuser>)

Aug 1 21:26:20 <client> sshd[6556]: pam_unix(sshd:auth): authentication

failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<remote.host.name>

user=jtorres

Aug 1 21:26:22 <client> sshd[6556]: Failed password for <NISuser> from

<remote.host.up.address> port 65500 ssh2





From a fellow Mandriva box the same request meets as follows.



Aug 1 21:32:15 <client> sshd[7595]: Accepted password for <NISuser> from

<remote.host.up.address> port 54278 ssh2





Passwords should be hashed. I am not using keberos (or at least I don’t

think it’s in the mix).



once again, despite what you see above the id command yield the correct

uid and gid information for the test user



Bill





On 8/1/14, 15:20 MDT, "Steven Timm" <[log in to unmask]> wrote:



>What login method is failing? Login from console? ssh? other?

>does /var/log/secure give you anything as far as error messages? It

>should. Is kerberos involved here or do you have hashed

>passwords in the NIS map?

>

>Steve Timm

>

>

>

>On Fri, 1 Aug 2014, Capehart, William J wrote:

>

>>Steve:

>>

>>Normally I do all the pieces normally but I followed your guidance:

>>

>>authconfig --enablenis ‹nisserver=(server.name.goes.here)

>>‹nisdomain=(mydomain) --update

>>

>>

>>As root, id on one of my test accounts worked.

>>As root, su on the same test account worked.

>>³nis² has indeed been through the /etc/nsswitch.conf file all along.

>>

>>Bill

>>

>>

>>

>>On 8/1/14, 14:51 MDT, "Steven Timm" <[log in to unmask]> wrote:

>>

>>>did you go into the system setup utility and enable NIS authentication?

>>>(or use authconfig from the command line). That's the best way

>>>to ensure that PAM is configured correctly to use NIS and that's likely

>>>the problem.

>>>

>>>(does "id" on a yp user name work?)

>>>(does "su" to a yp user name work?)

>>>does "nis" appear in /etc/nsswitch.conf? (setup will do that).

>>>

>>>Steve Timm

>>>

>>>

>>>\On Fri, 1 Aug 2014, Capehart, William J wrote:

>>>

>>>>We are in the process of migrating to SL 6.5 from Mandriva and things

>>>>have

>>>>been manageable until (of course) today.

>>>>

>>>>The NIS server is still under Mandriva (yp-serve is 2.22, ypbind is

>>>>1.29.91)

>>>>

>>>>On the client to be in SL 6.5 the ypbind is 1.20.4.

>>>>

>>>>NIS works on the fellow Mandriva machine clients but when used on the

>>>>SL

>>>>machine

>>>>

>>>>The username and groups get carried over and match the uids

>>>>

>>>>ypcat gives the correct responses for the arguments passwd and groups

>>>>

>>>>BUT

>>>>

>>>>I get permission denied errors when logging in. (That is sort of a

>>>>deal

>>>>breaker).

>>>>

>>>>Beyond this point is there any troubleshooting advise here?

>>>>

>>>>Thanks Much,

>>>>Bill

>>>>

>>>>

>>>>

>>>>

>>>>

>>>

>>>------------------------------------------------------------------

>>>Steven C. Timm, Ph.D (630) 840-8525

>>>[log in to unmask] http://home.fnal.gov/~timm/

>>>Fermilab Scientific Computing Division, Scientific Computing Services

>>>Quad.

>>>Grid and Cloud Services Dept., Associate Dept. Head for Cloud Computing

>>

>>

>

>------------------------------------------------------------------

>Steven C. Timm, Ph.D (630) 840-8525

>[log in to unmask] http://home.fnal.gov/~timm/

>Fermilab Scientific Computing Division, Scientific Computing Services

>Quad.

>Grid and Cloud Services Dept., Associate Dept. Head for Cloud Computing