[KLUG Members] changed password on server, now can't login

[Bruce Smith]

> > I changed a user's password on my Suse 9.2 NIS server and now he can
> > only login on a few newer installs of Suse 9.2. He can not login to some
> > older Suse or any Redhat machines. The only thing I can see different is
> > he has a longer passwd in the shadow file begining with $2a$.
> > I believe this is using the newer higher encryption GNU crypt function?
> 
> You probably made an MD5 password,  

Yes, it appears that way.

> you need to somehow set the password
> module to make a crypt password.  See the PAM documentation.

It's possible that NIS won't transfer the entire MD5 password, I've run
into similar problems on really old NIS servers.

How did you change the password on the SuSE 9.2 box?  Standard "passwd"
program?  If so, did you try changing it with "yppasswd" to see if that
creates a standard password hash.

> > How can I get the other machines to accept the new password?
> 
> How much older?  You might be able to just try the MD5 parameter to the
> PAM module doing the authentication (pam_unix?).

Do a "ypcat passwd" to see if the encrypted passwords are even being
transmitted over NIS correctly first.

 - BS