[sudo-users] sudo, pam and ssl

Sergio Rua srua at plus.net
Fri Dec 15 06:20:58 EST 2006


I've a bizarre problem I can't figure out. I've got a server configured
with ldap authentication (pam_ldap + nss_ldap) and sudo with ldap support.

If I configure pam_ldap with no ssl (ldap://server) everything works
fine. If I configure it instead to use ssl (ldaps://server) login is still
fine but sudo cannot authenticate. I keep getting the error:

sudo: pam_authenticate: Authentication service cannot retrieve
authentication info.

The second problem is that if I configure /etc/ldap.conf to use ssl as well
for sudo itself, it is not able to retrieve the sudoers from the server:

Using ldap_initialize(ldaps://server)
ldap_simple_bind_s()=81 : Can't contact LDAP server

Any light to my problems? Thanks!

Sergio Rua
