Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper failed, status 1 #41

Open
hth2 opened this issue Jul 30, 2020 · 2 comments
Open

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper failed, status 1 #41

hth2 opened this issue Jul 30, 2020 · 2 comments

Comments

@hth2
Copy link

hth2 commented Jul 30, 2020

I installed ssh-ldap-pubkey as instructed, and tested it with:

ssh-ldap-pubkey list -u  abc
ssh-rsa AAA....

however when I tried to login as abc, I got this error in auth.log (after setting LogLevel DEBUG in /etc/ssh/sshd_config):

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper abc failed, status 1

What can I try to troubleshoot this problem?
@erebane
Copy link

erebane commented Aug 1, 2020
edited
Loading

Could it be wrong path to wrapper?
My Ubuntu 18.04 seems to have it at /usr/local/bin/ssh-ldap-pubkey-wrapper

@hth2
Copy link
Author

hth2 commented Aug 1, 2020

I debugged it by su to nobody and ran the command. It turned out nobody user could not read ldap.conf. So I changed permission of ldap.conf to 644 and it works now. But now any user on the system can read ldap.conf and hence the value of bindpw. There must be a better way to solve it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hth2 @erebane