Hi,

I've configured my server with LDAP, so all users (except system
users) are authenticated in the LDAP server.

The LDAP server is IBM Directory Server 4.1.

A LDAP user (e.g. jferruz) can login in the system if I use telnet or
console, but if I use ssh I get the next error message

Permission denied (publickey,password,keyboard-interactive)

Why? Have I configure anything in the ssh server? Have I configure
anything in AIX?

Thanks in advance,

Javier wrote:
> I've configured my server with LDAP, so all users (except system
> users) are authenticated in the LDAP server.
>
> The LDAP server is IBM Directory Server 4.1.
>
> A LDAP user (e.g. jferruz) can login in the system if I use telnet or
> console, but if I use ssh I get the next error message
>
> Permission denied (publickey,password,keyboard-interactive)
>
> Why? Have I configure anything in the ssh server? Have I configure
> anything in AIX?

I (and my collegea's) have the experience that SSH is more picky about
the password-expiration. Please check the people-entries in your LDAP
server have the 'shadowAccount' objectclass (when using the 2307 of
2307+AIX schema) or you have a uid=default account with the correct
settings in you LDAP server (when using the AIX schema).

HTH, Erik.
--
---------------------------------------------------------------------------
Erik C.J. Laan elaan at dds.nl
Please reply below the message, please cut unrelevant pieces from a reply.
---------------------------------------------------------------------------