This content has been marked as final. Show 21 replies
Interesting thread (It's nice to see a more active thread around here too :)). I also had the same problem shhmoo had and had to use /var/adm/messages file for it to work.
Anyway, this is a common issue here too. I can see people trying random common user names for quite a long time. I am now wondering, whether it is possible to limit login tries (from IP address say) to a certain number, and then disallow the IP to retry for a specified amount of time. Is this possible via sshd or perhaps within Solaris?
OH, sshmoo and TanGU ,I met the same problem withHi Selene,
you. But I did all that you said, it's no use.
- Uncommented SyslogFacility AUTH and LogLevel INFO
in the sshd_config file.
- added entry "auth.debug /var/adm/messages" at the
end of the /etc/syslog.conf file
-reboot the sshd and close all boxes
I can't see any address under the 'Could not get
shadow information for NOUSER'
Did I miss anything? please help me and give me a
hint. Thank you very very much.
About the LogLevel, you need to put the word DEBUG instead of INFO in the sshd_config file, to read:
Restart sshd after that,
Have a nice day,
check your authentication source for none unique entries. E.g. if you have two accounts with the same UID and GID, you'll see this error.
I guess, because ssh picks up sometimes account A and later account B using the same uid and gets confused ...
I started getting those messages so I looked up in my groups, passwd and shadow.
I noticed that I had 2 user accts in shadow that I have deleted from passwd file.
After deleting those 2 stale user accts from shadow, errors stopped showing up.
BTW, changing log level doesn't fix the problem, it is hiding it.
Sorry, I was wrong, whenever I try to login with non existent acct still NOUSER message!
I actually ran into this today with OpenSSH where the problem ended up being related to LDAP. I had an interesting time as it was getting LDAP authentication to work, only to find that there were modifications I had to make to /etc/pam.conf to make PAM LDAP-aware. My error about the shadow information for NOUSER went away once I changed the "UsePAM no" in sshd_config to "UsePAM yes".
follow these steps:
1.to be root.
2.Running pwck showed the problem.
Login directory not found
Optional shell file not found
3.The "Login directory not found" told the user's default directoty did not exist.Creat the directoty are able to fix the problem.
4.The "Optional shell file not found" told the user's default shell (/bin/tcsh+) did not exist on the system. Changing the default shell (such as /bin/sh)to a valid shell (or installing the missing shell) fixed the problem.
5.After fixed all problem,then running pwck again.
6.If pwck showed nothing,then the message dispear now.
Edited by: liukz on Oct 31, 2008 10:40 AM