Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper failed, status 1 #41

Open
hth2 opened this issue Jul 30, 2020 · 2 comments
Open

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper failed, status 1 #41

hth2 opened this issue Jul 30, 2020 · 2 comments

Comments

@hth2
Copy link

hth2 commented Jul 30, 2020

I installed ssh-ldap-pubkey as instructed, and tested it with:

ssh-ldap-pubkey list -u  abc
ssh-rsa AAA....

however when I tried to login as abc, I got this error in auth.log (after setting LogLevel DEBUG in /etc/ssh/sshd_config):

AuthorizedKeysCommand /usr/bin/ssh-ldap-pubkey-wrapper abc failed, status 1

What can I try to troubleshoot this problem?
@erebane
Copy link

erebane commented Aug 1, 2020
edited
Loading

Could it be wrong path to wrapper?
My Ubuntu 18.04 seems to have it at /usr/local/bin/ssh-ldap-pubkey-wrapper

@hth2
Copy link
Author

hth2 commented Aug 1, 2020

I debugged it by su to nobody and ran the command. It turned out nobody user could not read ldap.conf. So I changed permission of ldap.conf to 644 and it works now. But now any user on the system can read ldap.conf and hence the value of bindpw. There must be a better way to solve it?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hth2 @erebane