Today I upgraded a server from slink to potato - it's an internal testing/intranet server. The upgrade went fairly well, but even though I had done extensive tests on other servers first, I still came up against problems.
The immediate problem on completing the upgrade of most packages was that users were unable to log in via ssh using password authentication. I thought this might be due to the new version of ssh, but later, users accessing fileshares via Appletalk were unable to authenticate either. After a while, I realised the problem was down to NIS in some way. I have one server (running slink currently) which has a central password database shared via NIS (it does use shadow passwords). I also have a netgroup specified, which contains users that are allowed to use the intranet server. Previously, the intranet server was set up as an NIS client, with the following line in /etc/passwd [EMAIL PROTECTED]:::::: (similarly in /etc/shadow) This allowed everyone in the intra group to be authenticated. Somehow.. the various upgrades to libc/nis etc in potato has broken this. I can still 'ypcat netgroup' and see the list of users, but all attempts at logins via ssh or any other means resulted in: Aug 31 21:07:39 devon sshd[9063]: Failed password for xx I solved the problem by explicitly naming each user in the password files e.g. +username:::::: Can anyone tell me if this problem can be fixed, or can I assume it will be fixed when I upgrade my NIS master server to potato? Thanks -- Dafydd Tomos
