Enabling LDAP for Dropbear
Ratan Gupta
ratagupt at linux.vnet.ibm.com
Tue Aug 28 19:53:46 AEST 2018
Hi All,
As part of enabling LDAP on the BMC, we are enabling LDAP on
dropbear (the ssh server) through PAM configuration. I am facing a problem
when the ssh client tries to connect to the BMC through ssh.
There are two steps involved when an ssh client connects to the ssh server.
1) Authentication
2) Open the shell
I could see that authentication succeeds, but opening the shell
fails since the home directory should exist for the LDAP user.
To solve this I tried to make the following changes in the pam config file.
session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0077 debug   >>> pam_mkhomedir should have created the directory.
session sufficient pam_unix.so debug
session sufficient /lib/security/pam_ldap.so debug
Even after making the above changes I don't see that the home directory
was created.
NOTE: If I create the directory in advance, then I do not face this
problem.
Another option we have to solve this is to mount directories over the network
using the autofs service
https://help.ubuntu.com/community/AutofsLDAP
Can somebody help me with what other options there could be to create the home
directories, and which one is used industry-wise?
Ratan
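
How Linux-PAM control flags would walk the session stack quoted in the message above, as an added example that is not part of the original post. It assumes /etc/pam.d-style lines, that the application actually opens a PAM session, and constructed module outcomes; `parse_stack` and `run_stack` are hypothetical helper names.

```python
# Added example (not from the original post): walk a PAM "session" stack.
# Assumes /etc/pam.d-style lines (type control module args) and only the
# simple control keywords; bracketed [value=action] controls are not handled.
import shlex

# The three session lines quoted in the message.
PAM_CONFIG = """\
session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0077 debug
session sufficient pam_unix.so debug
session sufficient /lib/security/pam_ldap.so debug
"""

def parse_stack(text, phase="session"):
    """Return [(control, module, args)] for one management group."""
    stack = []
    for raw in text.splitlines():
        fields = shlex.split(raw.split("#", 1)[0])
        if len(fields) >= 3 and fields[0] == phase:
            stack.append((fields[1], fields[2], fields[3:]))
    return stack

def run_stack(stack, outcomes):
    """Simulate Linux-PAM control flags.
    outcomes maps module path -> True (success) / False (failure); these
    are constructed inputs, not real module results.
    Returns (overall_success, modules_called_in_order)."""
    called, required_failed, any_success = [], False, False
    for control, module, _args in stack:
        ok = outcomes.get(module, False)
        called.append(module)
        if control == "requisite" and not ok:
            return False, called            # fail immediately
        if control == "required" and not ok:
            required_failed = True          # remember, keep going
        if control == "sufficient" and ok and not required_failed:
            return True, called             # short-circuit: rest is skipped
        if ok and control != "sufficient":
            any_success = True
    return (any_success and not required_failed), called

if __name__ == "__main__":
    stack = parse_stack(PAM_CONFIG)
    for label, outcomes in [
        ("all modules succeed", {m: True for _, m, _ in stack}),
        ("pam_mkhomedir fails", {"pam_unix.so": True,
                                 "/lib/security/pam_ldap.so": True}),
    ]:
        ok, called = run_stack(stack, outcomes)
        print(f"{label}: result={'success' if ok else 'failure'}, called={called}")
```

With this ordering, a successful `pam_unix.so` session call ends the stack before the `pam_ldap.so` session line is reached.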