sudo+Securid: "Cannot contact SecurID server" ... ? On Solaris 8 -

Tim_Stearns at capgroup.com Tim_Stearns at capgroup.com
Thu Nov 21 19:44:45 EST 2002


    Hello - I'm new to the list, and new to compiling sudo-1.6.6 with the
SecurID option. It fails -- "Cannot contact SecurID server" -- maybe
because of a simple detail like defining the ACE server somewhere or
putting sdconf.rec in the right directory. But if so, where?

    I'm building sudo-1.6.6 on a Solaris 8 machine, using gcc.
    It builds, installs, and works fine when compiled without the SecurID
option.
    SecurID by itself also works fine. I ran aceagent against an sdconf.rec
file from our local Unix team, who manage the ACE server. I specified the
ace directory as "/opt/securid".
    The Unix team also sent me files for compiling sudo+SecurID. I put them
in a different directory and gave configure the info:
          make distclean
          ./configure --with-SecurID=/disk2-workspace/build/sudo/4securid
--without-passwd
          make
          make install

    What I get for my trouble is this:

          $ /usr/local/bin/sudo su - isadmin
          /usr/local/bin/sudo: Cannot contact SecurID server
          $

    The firewall between this client and server shows green (accept)
packets when I login and call on the independent SecurID. When I then run
sudo, though, NO packets hit the firewall. So I suspect that sudo+securid
lacks the identity of the master server. But does that info get compiled in
by having sdconf.rec located ... where? I tried several reasonable places.
Or is there a config line that names it?

    Thanks for any ideas!
    Tim Stearns





More information about the sudo-users mailing list