[Techtalk] Re: SSH authentication via PAM-MySQL
Aneesha Govil
popcorn09 at gmail.com
Tue Apr 3 10:57:40 UTC 2007
Missed the error message -
On 4/3/07, Aneesha Govil <popcorn09 at gmail.com> wrote:
>
> Hi,
>
> At work I have a requirement wherein I want to authenticate SSH users
> based on the usernames and passwords in a table in a MySQL database. I am
> able to get it to use the passwords from the table but it is not picking up
> the usernames. For example - if I add information as - testuser /
> testpassword in the table and SSH as:
>
> ssh testuser at localhost
In the logs I get the error - Invalid user testuser from 127.0.0.1
The user is not authenticated even with the correct password. Now if I add
> the information of a user as - root/root123 in the table and SSH as:
>
> ssh root at localhost
> password: root123
>
> This is a successful login.
> It seems that it is still not looking up usernames in the table. Any idea
> how to accomplish this? The configuration files are as follows:
>
> /etc/security/pam_mysql.conf
>
> users.host=127.0.0.1:3306;
> users.database=<dbname>;
> users.db_user=<db_username>;
> users.db_passwd=<db_password>;
> users.table=userstest;
> users.user_column=UserName;
> users.password_column=PasswordId;
> users.password_crypt=3;
> users.disconnect_every_operation=true;
> verbose=1;
>
> /etc/pam.d/sshd
> auth sufficient pam_mysql.so
> config_file=/etc/security/pam_mysql.conf
> account requisite pam_mysql.so
> config_file=/etc/security/pam_mysql.conf
> password sufficient pam_mysql.so
> config_file=/etc/security/pam_mysql.conf
> session sufficient pam_mysql.so
> config_file=/etc/security/pam_mysql.conf
>
> I hope this is possible. What use is a PAM where we can only change where
> to look-up passwords!
>
> Please help.
> Thanks,
> Aneesha
>
More information about the Techtalk
mailing list