Aaargh! PAM slays me!
David G. Miller (aka DaveAtFraud)
dave at davenjudy.org
Sat Sep 17 01:26:35 UTC 2005
listbox at nedron.net wrote:
> OK, I'm going to start with the mailing list.
>
> We have a lab machine that is/was setup to allow someone to ssh to
> the host as root, assuming the users public key has been added to
> roots .ssh/authorized_keys.
>
> This all worked fine under FC3. We upgraded the box to FC4, now no
> one is able to ssh in as root. The following error is generated in
> the /var/log/secure file:
>
> sshd[6048]: fatal: Access denied for user root by PAM account
> configuration
>
> I've verified that the sshd_config file has not changed.
>
> The /etc/pam.d/sshd file also has not changed.
>
> I'm guessing this is something to do with authconfig or system-auth?
>
> I've tried a couple of changes there, but no joy.
>
> There are other PAM related problems, but if I can get this part
> working, I don't have to worry about my connection dropping (since
> the lab is difficult to access physically).
>
> -David
>
Wouldn't it be safer to add specific users to the sudo file and have
people who need root just do an su after logging in as them self?
I always hate it when someone doesn't answer my question but suggests an
alternative like the above so apologies in advance if this won't work
for you for some reason.
Cheers,
Dave
More information about the users
mailing list