在solaris 10上使用compat nis进行ssh

i have a working solaris 10 server with ssh and NIS using the following configuration:

我有一个使用ssh和NIS的solaris 10服务器,使用以下配置:

# /etc/nsswitch.conf
passwd:     files nis
group:      files nis

and

# /etc/ssh/sshd_config
 Protocol 2
 Port 22
 ListenAddress ::
 AllowTcpForwarding no
 GatewayPorts no
 X11Forwarding yes
 X11DisplayOffset 10
 X11UseLocalhost yes
 PrintMotd no
 KeepAlive yes
 SyslogFacility auth
 LogLevel info
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_dsa_key
 ServerKeyBits 768
 KeyRegenerationInterval 3600
 StrictModes yes
 LoginGraceTime 600
 MaxAuthTries       6
 MaxAuthTriesLog    3
 PermitEmptyPasswords yes
 PasswordAuthentication yes
 PAMAuthenticationViaKBDInt yes
 PermitRootLogin yes
 Subsystem  sftp    /usr/lib/ssh/sftp-server
 IgnoreRhosts yes
 RhostsAuthentication no
 RhostsRSAAuthentication no
 RSAAuthentication yes

Now, i want to switch to compat mode:

现在,我想切换到compat模式:

# /etc/nsswitch.conf
passwd:     compat
group:      files nis

I added a few users to:

我添加了一些用户:

# /etc/passwd
+luke:x:::::

ran pwvcon and then password authentification for user luke doesn't not work anymore (while public-key is still OK).

运行pwvcon然后密码验证用户luke不再工作(公钥仍然可以)。

Is there something wrong with my setup ?

我的设置有问题吗?

1 个解决方案

#1

From passwd(4):

If a +name entry has a non-null password [..] the value of that field overrides what is contained in the alternate naming service.

如果+ name条目具有非空密码[..],则该字段的值将覆盖备用命名服务中包含的内容。

Can you see if removing the "x" in the passwd-column and running pwconv again helps?

你能看到删除passwd列中的“x”并再次运行pwconv有帮助吗?

Edit: the first guess was totally off, see comments, so here's another guess -- I can't break my Sun's config just now, sorry ;)

编辑:第一个猜测是完全关闭,看到评论,所以这是另一个猜测 - 我现在不能打破我的Sun的配置,对不起;)

#1