Re: Machine not locked-up but can't log on either
- From: Ray Van Dolson <rayvd@xxxxxxxxxxxxxxx>
- Date: Thu, 4 May 2006 10:20:28 -0700
On Thu, May 04, 2006 at 01:15:17PM -0400, Ryan Golhar wrote:
Yes, I do use LDAP authentication (but the root user is a local user).
I'm also limiting who is allow to connect through ssh via
/etc/hosts.allow. I'm restricting it to the ISPs of our users. I
suppose its possible someone is trying to gain access from one of those
ISPs, but the logs of the other machines only show an occassional failed
login attempt. Would the ssh login attempts also prevent me from
logging in from the console?
Ryan
Probably. LDAP has a nasty habit of taking a really long time to time out
on things to even give your local user account a chance to authenticate.
Probably DNS lookup is timing out and then either the LDAP bind process
tries to time out or gets hung. In the end, the local authentication never
even gets a chance to run.
I know there have been some decent posts on tweaking the timeouts and/or PAM
to behave better in this situation... but it's also one of the reasons I
changed my CTRL-ALT-DEL key to disable LDAP so I could get into a server in
this state.
Doesn't work so well for a remote box though. :)
Ray
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- Re: Machine not locked-up but can't log on either
- From: Ray Van Dolson
- Re: Machine not locked-up but can't log on either
- References:
- Re: Machine not locked-up but can't log on either
- From: Ray Van Dolson
- RE: Machine not locked-up but can't log on either
- From: Ryan Golhar
- Re: Machine not locked-up but can't log on either
- Prev by Date: Two NICs
- Next by Date: Re: Machine not locked-up but can't log on either
- Previous by thread: RE: Machine not locked-up but can't log on either
- Next by thread: Re: Machine not locked-up but can't log on either
- Index(es):
Relevant Pages
|
|
