[OpenAFS] Passwordless login through ssh with pam/afs.
Wed, 14 Mar 2007 09:15:36 -0700
Walter Lamagna <firstname.lastname@example.org> writes:
> Thanks for your answer. It is acceptable for me to doesnt have the
> token when i ssh, the ~/.ssh directory in the users home (which is in
> the AFS) is publicly readable.
> But i do get this error when i want to ssh to the host:
> pam_afs: AFS Won't use illegal password for user integra
You can't use pam_afs as a session module if you're using public key
authentication because pam_afs doesn't know what to do without a
password. You need to change your PAM configuration so that pam_afs is
not used in this case or so that its return status is ignored.
> Does pam_afs restricts the login because i am willing to use public key
> with ssh ?
pam_afs is failing because it doesn't have a password, and apparently it's
a required module in your PAM stack and therefore is aborting the login.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>