[CentOS] pam changes - service restart reqd?
Carlos S
neubyr at gmail.comMon Aug 30 21:10:13 UTC 2010
- Previous message: [CentOS] pam changes - service restart reqd?
- Next message: [CentOS] Centos 5.5, not booting latest kernel but older one instead
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thanks for the replies everyone. It seems to be working without any sshd restart. Also, I changed ldap conf to a non standard location for some debugging. It still uses same ldap url over ssl, so I didn't have to restart nscd. But it's good to know of potential pitfalls. -- CS. On Mon, Aug 30, 2010 at 3:25 PM, Paul Heinlein <heinlein at madboa.com> wrote: > On Mon, 30 Aug 2010, Carlos S wrote: > >> Changed system-auth config to use LDAP. >> >> The sshd config is configured to use PAM. I am not sure whether it >> load that file at daemon start or refers to it every time a login >> attempt with password is made. >> >> When would it be requiring restart in general? > > Make sure you restart nscd before trying anything else. > > If > * you're doing LDAP over SSL, > * you've configured LDAP to verify peers against a CA certificate, > * that cert was not in place when you did the system-auth changes, > then sometimes a reboot seems the easiest way out. > > I suspect that I haven't played enough with tricks like "telinit u" to > figure out the real magic. All I know is that a mid-stream switch to > LDAP/SSL doesn't always "take" easily. > > -- > Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/ > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
- Previous message: [CentOS] pam changes - service restart reqd?
- Next message: [CentOS] Centos 5.5, not booting latest kernel but older one instead
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list