LDAP Authentication for SSH in Red Hat Enterprise Linux


Prerequisite: A working LDAP server with the right schemas. (I will go into setting up a Red Hat Directory Server another day.)

On the Red Hat Enterprise Linux ‘client’, run:

authconfig \
--enablemkhomedir --enableldap \
--enableldapauth --ldapserver= \
--ldapbasedn= --updateall

“--enablemkhomedir”: This automatically creates the home directory for users who have not logged in to the system before. In the background, it’s actually pam_mkhomedir doing the real work. For this to work, the LDAP server must return a valid homedir attribute.

“--enableldap”: This tells the system to get user information via LDAP, i.e. getent passwd will fetch the information from LDAP.

The rest of the command-line options are self-explanatory. One command solves the entire problem instead of meddling with PAM, nsswitch.conf, etc.
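
A quick way to confirm what the command changed, as an added example that is not from the original post: the script greps copies of nsswitch.conf, the PAM system-auth stack and the LDAP client config for the entries behind --enableldap, --enableldapauth and --enablemkhomedir, and also checks whether the LDAP connection is protected by TLS, which the options shown above do not turn on. The function names and file contents are constructed for illustration, and the real paths named in the comments are assumptions for RHEL 5.

```shell
#!/bin/sh
# Added example: audit copies of the files that authconfig edits.
# Assumed real paths (RHEL 5): /etc/nsswitch.conf /etc/pam.d/system-auth /etc/ldap.conf

# check_nss FILE: the passwd and group maps must list "ldap" as a source.
check_nss() {
    for map in passwd group; do
        grep -Eq "^${map}:.*[[:space:]]ldap([[:space:]]|\$)" "$1" || return 1
    done
}

# check_pam FILE: pam_ldap in the auth stack, pam_mkhomedir in the session stack.
check_pam() {
    grep -Eq '^auth[[:space:]].*pam_ldap\.so' "$1" &&
        grep -Eq '^session[[:space:]].*pam_mkhomedir\.so' "$1"
}

# check_tls FILE: the bind needs an ldaps:// URI or "ssl start_tls" / "ssl on".
check_tls() {
    grep -Eiq '^(uri[[:space:]]+ldaps://|ssl[[:space:]]+(start_tls|on))' "$1"
}

# audit NSS PAM LDAPCONF: print one result per check; exit status = failed checks.
audit() {
    fails=0
    check_nss "$1" && echo "OK   nsswitch uses ldap" || { echo "FAIL nsswitch"; fails=$((fails + 1)); }
    check_pam "$2" && echo "OK   pam_ldap + pam_mkhomedir" || { echo "FAIL pam"; fails=$((fails + 1)); }
    check_tls "$3" && echo "OK   LDAP over TLS" || { echo "FAIL LDAP bind is not encrypted"; fails=$((fails + 1)); }
    return "$fails"
}

# write_sample DIR: constructed file contents modelling a client set up without TLS.
write_sample() {
    printf 'passwd: files ldap\ngroup: files ldap\n' > "$1/nsswitch.conf"
    printf 'auth sufficient pam_ldap.so use_first_pass\nsession optional pam_mkhomedir.so\n' > "$1/system-auth"
    printf 'uri ldap://ldap.example.com/\nbase dc=example,dc=com\n' > "$1/ldap.conf"
}

# Demo on the constructed sample: NSS and PAM pass, the TLS check fails.
demo=$(mktemp -d)
write_sample "$demo"
audit "$demo/nsswitch.conf" "$demo/system-auth" "$demo/ldap.conf" || echo "$? check(s) failed"
```

Without TLS, the password typed at the SSH prompt travels from the client to the LDAP server in clear text during the bind, so the third check is the one to fix first.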

Author: yibi


Comments

  1. This works with RH 5 but no success with RH 6 X64 as of yet. RH changed the logic and uses three files now: /etc/openldap/ldap.conf, /etc/pam_ldap.conf and /etc/nslcd.conf. Not that we make it easy around here: we are currently using eDirectory as the provider and are in the process of switching to MS AD. If you hear how to make the LDAP auth work, it would be awesome if you post it!
