[sudo-users] LDAPS + sudo + AIX 7.1

ace man kevev at hotmail.com
Wed Aug 28 07:03:54 MDT 2013


I figured out my issue. It seems as though sudoers or AIX does not like special characters in the TLS_KEYPW field.

My password was like so #TssE!4v

I tried encapsulating it in single quotes '' and using escape character \ . Nothing worked. I am using a non-complex password and everything works now. I will post my tutorial for anyone else who has this same issue.

> From: Todd.Miller at courtesan.com
> To: kevev at hotmail.com
> CC: sudo-users at sudo.ws
> Subject: Re: [sudo-users] LDAPS + sudo + AIX 7.1
> Date: Thu, 22 Aug 2013 08:19:33 -0600
> 
> On Thu, 22 Aug 2013 07:43:03 -0500, ace man wrote:
> 
> > With the correct password I get "Failed to connect to ssl server"
> > It looks like "ssl start_tls" is trying to connect via port 389 even though I
> > have "PORT 636" set in ldap.conf.
> > This is no good since I use port 636 for SSL/TLS.
> 
> There are two ways to do encrypted LDAP.  You can do ldaps on port
> 636 where the connection is encrypted from the beginning.  Or you
> can use start_tls which uses port 389 and then negotiates TLS.
> These days, start_tls is the standard way to do encrypted LDAP.
> 
>  - todd
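
The two problems in this thread (a TLS_KEYPW value with special characters, and start_tls combined with port 636) can be caught before deployment with a small lint pass over ldap.conf. This is an added example, not code from the thread or from the sudo project; the function name, the sample file and its password are constructed, and it assumes that `#` starts a comment in ldap.conf and that quoting and backslash escaping are not supported for TLS_KEYPW.

```python
import re

# Constructed sample resembling the configuration discussed in the thread.
SAMPLE = """\
URI ldap://ldap.example.com
PORT 636
SSL start_tls
TLS_KEYPW #Example!1
"""

def lint_ldap_conf(text):
    """Return (line_no, message) findings for a sudo ldap.conf (hypothetical helper)."""
    findings, settings = [], {}
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment
        parts = line.split(None, 1)
        key = parts[0].upper()
        raw_value = parts[1] if len(parts) > 1 else ""
        if key == "TLS_KEYPW":
            # Inspect the raw value: '#' is assumed to start a comment, and
            # quotes or backslashes are assumed to be taken literally.
            bad = sorted(set(re.findall(r"[#'\"\\]", raw_value)))
            if bad:
                findings.append((no, "TLS_KEYPW contains unsupported characters: " + " ".join(bad)))
            continue
        # For every other keyword, drop a trailing comment before storing.
        settings[key] = (no, raw_value.split("#", 1)[0].strip())
    ssl = settings.get("SSL", (0, ""))[1].lower()
    port = settings.get("PORT", (0, ""))
    uri = settings.get("URI", (0, ""))
    if ssl == "start_tls":
        # start_tls connects in the clear (port 389) and then negotiates TLS.
        if port[1] == "636":
            findings.append((port[0], "SSL start_tls negotiates TLS on port 389, not 636"))
        if uri[1].lower().startswith("ldaps://"):
            findings.append((uri[0], "ldaps:// is encrypted from the start; do not combine with start_tls"))
    return findings

if __name__ == "__main__":
    for line_no, message in lint_ldap_conf(SAMPLE):
        print(f"line {line_no}: {message}")
```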
 		 	   		  

