From 91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb Mon Sep 17 00:00:00 2001 From: Amy Fong Date: Tue, 22 Jul 2014 09:55:30 -0400 Subject: ldap/pam: enable pam/ldap authentication - modify pam configuration files to use ldap - modify sshd to enable pam - modify nsswitch.conf to use ldap Signed-off-by: Amy Fong --- .../recipes-connectivity/openssh/files/mcs-sshd | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100755 meta-openstack/recipes-connectivity/openssh/files/mcs-sshd (limited to 'meta-openstack/recipes-connectivity/openssh/files/mcs-sshd') diff --git a/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd new file mode 100755 index 0000000..3420bd2 --- /dev/null +++ b/meta-openstack/recipes-connectivity/openssh/files/mcs-sshd @@ -0,0 +1,33 @@ +# PAM configuration for the Secure Shell service + +# Standard Un*x authentication. +auth include common-auth + +# Disallow non-root logins when /etc/nologin exists. +account required pam_nologin.so + +# Uncomment and edit /etc/security/access.conf if you need to set complex +# access limits that are hard to express in sshd_config. +# account required pam_access.so + +# Standard Un*x authorization. +account include common-account + +# Set the loginuid process attribute. +session required pam_loginuid.so + +# Create a new session keyring. +session optional pam_keyinit.so force revoke + +# Standard Un*x session setup and teardown. +session include common-session + +# Set up user limits from /etc/security/limits.conf. +session required pam_limits.so + +# Read environment variables from /etc/environment and +# /etc/security/pam_env.conf. +session required pam_env.so # [1] + +# Standard Un*x password updating. +password include common-password -- cgit v1.2.3-54-g00ecf