As it turned out this is an issue with OpenSSH 4.3p1. There is a patch avilable at: http://www.zip.com.au/~dtucker/openssh/4.3p1- configure.patch Did a make distclean, applied the patch, and rebuilt with no problems. Thanks to Francois Bousquet who replied suggesting I use the native Solaris pam_ldap. We're using Apple's Open Directory and I'm not brave enough to go about patching and recompiling the slapd included with that. Original Post: > I have just set up a PAM enabled OpenSSH daemon to allow > authentication against an OpenLDAP server. Authentication is working > fine but when I run the last command SSH logins do not have a > terminal or host name listed and the login date is "Wed Dec 31 > 20:00". A log out time isn't recorded when logging out and last > reports "still logged in". Finger reports all the correct information > so it seems to be getting name service info properly. Does last and > wtmpx not use the OS name service stuff? Has anyone seen this before? > > Background: > Solaris 8 kernel 117350-28 > OpenLDAP client 2.3.27 > LDAP patch 108993-49 (similar behavior experienced with revision 60) > OpenSSH 4.3p1 / OpenSSL 0.9.7f > PAM LDAP module 1.80 > NSS LDAP module 2.52 > nscd has been restarted, but ldap_cachemgr is not running, I have > read it is not recommended with OpenLDAP, only with Sun's directory > server. -- Jeff Allen Systems Administrator Faculty of Computer Science Dalhousie University Halifax NS Canada http://www.cs.dal.ca/ _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Tue Aug 29 08:35:41 2006
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:00 EST