Changeset 2080


Ignore:
Timestamp:
Nov 26, 2011, 1:57:11 AM (12 years ago)
Author:
ezyang
Message:
Information on how to reenable password SSH.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/doc/install-howto.sh

    r2079 r2080  
    9292    chmod 0440 /etc/sudoers
    9393
     94# [TEST] You'll need to fix some config now.  See bottom of document.
     95
    9496# Make sure network is working.  Kickstart should have
    9597# configured eth0 and eth1 correctly; use service network restart
     
    324326#   o your lvm thingies; probably don't need to edit
    325327
     328# [TESTSERVER] Enable password log in
     329        vim /etc/ssh/sshd_config
     330        service sshd reload
     331        vim /etc/pam.d/sshd
     332# Replace the first auth block with:
     333#           # If they're not root, but their user exists (success),
     334#           auth    [success=ignore ignore=ignore default=1]        pam_succeed_if.so uid > 0
     335#           # print the "You don't have tickets" error:
     336#           auth    [success=die ignore=reset default=die]  pam_echo.so file=/etc/issue.net.no_tkt
     337#           # If !(they are root),
     338#           auth    [success=1 ignore=ignore default=ignore]        pam_succeed_if.so uid eq 0
     339#           # print the "your account doesn't exist" error:
     340#           auth    [success=die ignore=reset default=die]  pam_echo.so file=/etc/issue.net.no_user
     341
     342
    326343# [WIZARD/TESTSERVER] If you are setting up a non-production server,
    327344# there are some services that it won't provide, and you will need to
     
    330347#   - We don't serve LDAP, so use another server
    331348# This involves editing the following files:
    332 #   o /etc/sysconfig/network-scripts/ifcfg-lo:0
    333 #   o /etc/sysconfig/network-scripts/ifcfg-lo:1
    334 #   o /etc/sysconfig/network-scripts/ifcfg-lo:2
    335 #   o /etc/sysconfig/network-scripts/ifcfg-lo:3
    336        \rm /etc/sysconfig/network-scripts/ifcfg-lo:{0,1,2,3}
     349        \rm /etc/sysconfig/network-scripts/ifcfg-lo:{0,1,2,3}
     350        \rm /etc/sysconfig/network-scripts/route-eth1 # [TESTSERVER] only
    337351#   o /etc/nslcd.conf
    338352#       replace: uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/
Note: See TracChangeset for help on using the changeset viewer.