Force OpenSSH (SSHD) to use authentication via LDAP server
Lightweight Directory Access Protocol, or LDAP , is a directory services running over TCP/IP. Most large business and organization use LDAP for centralized authentication.
You can read LDAP Linux HOWTO for setup and configuration. If your workstation or server setup to authenticate via LDAP, open ssh will not work when user try to connect from remote system. You need to make little modification to openssh, so that it can authenticate you via LDAP:
Open /etc/ssh/sshd_config file
# vi /etc/ssh/sshd_config file
Append or modify line as follows:
PAMAuthenticationViaKbdInt yes
Restart OpenSSH
# /etc/init.d/sshd restart
Now ssh server will accept login for remote users.
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in other helpful articles:
- How to: Apache authentication using LDAP Server
- Force OpenSSH (sshd) to listen on selected multiple IP address only
- BSD start services
- How to force sshd server to display login banner before login (change the ssh server login banner)
- Setup OpenLDAP authentication on Linux for OSX Client and sync / share home directory
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
I think no additional configuration is needed because the file /etc/nsswitch.conf
I think no additional configuration is needed because the file /etc/nsswitch.conf contains the entry
passwd: files ldap
This will do the trick.
LDAP and authentication mechanism is already configured. But you need to tell this to OpenSSH.