The following statement is now obsolete.
The pools account must be unlocked.
--
Laird Louis Poncet
Where: Bat28-R-003 CERN
CH-1211 Geneve 23
Mail : [log in to unmask]
Phone: +41(0)227.674.231
LAL / IN2P3 / CNRS / CERN
On Oct 6, 2006, at 11:05 AM, Tomas Kouba wrote:
> Louis Poncet wrote:
>> A locked account should be accessible by the local root. So when
>> we created the account we should unlocked them.
>
> How does this comply with the following statement? ( http://
> goc.grid.sinica.edu.tw/gocwiki/ssh_problem_from_WN_to_CE )
>
> "Check if pool accounts on CE and WN are enabled for interactive
> login in /etc/loginusers if such a file is configured in /etc/pam.d/
> sshd, /etc/pam.d/login, /etc/pam.d/system-auth, etc. Note: at the
> same time the accounts must be locked, i.e. their encrypted
> password strings
>
> ^^^^^^^^^^^^^^^^^^^^^^^
> must be set to invalid values like "!!" (see man pages for "passwd -
> l" or "usermod -L" commands)."
>
> --
> Tomas Kouba
> Institute of Physics, Academy of sciences of the Czech Republic
|