[Fedora-directory-users] Setting up a client for ssl

Steven Jones Steven.Jones at vuw.ac.nz
Fri Sep 14 01:22:52 UTC 2007



While testing a RHAS4 client the logs seem to indicate ssl is working
as I get startTLS in the access log.

When I do an ssh connection though I do not see startTLS in the access
log, so is this actually working correctly?

ldapsearch -x -ZZ '(uid=jonesst1)'

Output on the client will typically be,

================
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=jonesst1)
# requesting: ALL
#
 

# jonesst1, People, vuw.ac.nz
dn: uid=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz
givenName: Steven
sn: Jones
loginShell: /bin/bash
uidNumber: 500
gidNumber: 500
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
uid: jonesst1
cn: Steven Jones
homeDirectory: /home/jonesst1
 

# search result
search: 3
result: 0 Success
 

# numResponses: 2
# numEntries: 1

==========

Cannot see startTLS in this part though when ssh'ing in,

==========

[14/Sep/2007:13:10:26 +1200] conn=44 fd=67 slot=67 connection from
130.195.87.250 to 130.195.87.249
[14/Sep/2007:13:10:26 +1200] conn=44 op=0 BIND dn="" method=128
version=3
[14/Sep/2007:13:10:26 +1200] conn=44 op=0 RESULT err=0 tag=97 nentries=0
etime=0 dn=""
[14/Sep/2007:13:10:26 +1200] conn=44 op=1 SRCH base="dc=vuw,dc=ac,dc=nz"
scope=2 filter="(uid=jonesst1)" attrs=ALL
[14/Sep/2007:13:10:26 +1200] conn=44 op=1 RESULT err=0 tag=101
nentries=1 etime=0
[14/Sep/2007:13:10:26 +1200] conn=44 op=2 BIND dn="" method=128
version=3
[14/Sep/2007:13:10:26 +1200] conn=44 op=2 RESULT err=0 tag=97 nentries=0
etime=0 dn=""
[14/Sep/2007:13:10:26 +1200] conn=44 op=3 BIND
dn="uid=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz" method=128 version=3
[14/Sep/2007:13:10:26 +1200] conn=44 op=3 RESULT err=0 tag=97 nentries=0
etime=0 dn="uid=jonesst1,ou=people,dc=vuw,dc=ac,dc=nz"
[14/Sep/2007:13:10:26 +1200] conn=44 op=4 BIND dn="" method=128
version=3
[14/Sep/2007:13:10:26 +1200] conn=44 op=4 RESULT err=0 tag=97 nentries=0
etime=0 dn=""
[14/Sep/2007:13:10:26 +1200] conn=45 fd=68 slot=68 connection from
130.195.87.250 to 130.195.87.249
[14/Sep/2007:13:10:26 +1200] conn=45 op=0 BIND dn="" method=128
version=3
[14/Sep/2007:13:10:26 +1200] conn=45 op=0 RESULT err=0 tag=97 nentries=0
etime=0 dn=""
[14/Sep/2007:13:10:26 +1200] conn=45 op=1 SRCH base="dc=vuw,dc=ac,dc=nz"
scope=2 filter="(&(objectClass=posixAccount)(uid=jonesst1))" attrs=ALL
[14/Sep/2007:13:10:26 +1200] conn=45 op=1 RESULT err=0 tag=101
nentries=1 etime=0
[14/Sep/2007:13:10:26 +1200] conn=45 op=2 SRCH base="dc=vuw,dc=ac,dc=nz"
scope=2
filter="(&(objectClass=posixGroup)(|(memberUid=jonesst1)(uniqueMember=ui
d=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz)))" attrs="gidNumber"
[14/Sep/2007:13:10:26 +1200] conn=45 op=2 RESULT err=0 tag=101
nentries=0 etime=0
[14/Sep/2007:13:10:26 +1200] conn=44 op=5 UNBIND
[14/Sep/2007:13:10:26 +1200] conn=44 op=5 fd=67 closed - U1

==========

regards

Steven Jones
Senior  Linux/Unix/San/Vmware System Administrator
APG -Technology Integration Team
Victoria University of Wellington
Phone: +64 4 463 6272
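
The check the message performs by eye, written as a script: an added example, not part of the original post or of Fedora Directory Server. It lists connections in an access log where a simple bind with a non-empty DN (`method=128`) occurs before any startTLS or SSL/TLS line on that connection. The function names are hypothetical, the shape of the server's TLS lines is an assumption, and the `conn=46` records in the sample are constructed.

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation
RECORD = re.compile(r"^\[[^\]]+\] conn=(\d+) (.*)$")
# method=128 is a simple bind; a non-empty dn means a password was sent with it.
SIMPLE_BIND = re.compile(r'op=\d+ BIND dn="([^"]+)" method=128')
# Assumed shape of the server's TLS lines (none appear in the post's excerpt).
TLS_LINE = re.compile(r"^(SSL|TLS)|\bSSL connection from\b")

def unwrap(text):
    """Rejoin records wrapped by the mail client; each record starts with '['."""
    records = []
    for line in text.splitlines():
        if line.startswith("["):
            records.append(line.strip())
        elif line.strip() and records:
            records[-1] += " " + line.strip()
    return records

def cleartext_simple_binds(text):
    """Map conn id -> DNs that did a simple bind before any TLS on that conn."""
    encrypted, findings = set(), {}
    for record in unwrap(text):
        m = RECORD.match(record)
        if not m:
            continue
        conn, rest = m.groups()
        if STARTTLS_OID in rest or TLS_LINE.search(rest):
            encrypted.add(conn)
        elif conn not in encrypted and (bind := SIMPLE_BIND.search(rest)):
            findings.setdefault(conn, []).append(bind.group(1))
    return findings

# Constructed sample: conn=44 records are from the post, conn=46 is made up.
SAMPLE = """\
[14/Sep/2007:13:10:26 +1200] conn=44 op=0 BIND dn="" method=128
version=3
[14/Sep/2007:13:10:26 +1200] conn=44 op=3 BIND
dn="uid=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz" method=128 version=3
[14/Sep/2007:13:11:02 +1200] conn=46 op=0 EXT
oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[14/Sep/2007:13:11:02 +1200] conn=46 SSL 256-bit AES
[14/Sep/2007:13:11:02 +1200] conn=46 op=1 BIND
dn="uid=jonesst1,ou=People,dc=vuw,dc=ac,dc=nz" method=128 version=3
"""

if __name__ == "__main__":
    for conn, dns in cleartext_simple_binds(SAMPLE).items():
        print(f"conn={conn}: simple bind without TLS for {dns}")
```

Anonymous binds (`dn=""`) are skipped because they carry no password; a startTLS request is counted as protecting the connection without checking its RESULT line.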



