After running fedora update, I am unable to log-in into the cocpit-ws and I am not sure what went wrong. I am able to ssh to the box using ipa credentials without issue. But cocpit gives me "wrong username or password" Errors I'm getting in journal 'couldn't read from connection: Peer sent fatal TLS alert: Unknown certificate'
I'm running FreeIpa server and cocpit-ws on same machine Maybe someone had similar issue or some ideas where to start debugging it ? Log snippet when I am trying to log in: myserver.domain.com audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=cockpit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' myserver.domain.com cockpit-ws[13295]: Using certificate: /etc/cockpit/ws-certs.d/0-self-signed.cert myserver.domain.com cockpit-ws[13295]: couldn't read from connection: Peer sent fatal TLS alert: Unknown certificate myserver.domain.com cockpit-session[13298]: pam_sss(cockpit:auth): authentication success; logname= uid=0 euid=0 tty= ruser= rhost=10.0.5.44 user=myuser myserver.domain.com audit[13298]: USER_AUTH pid=13298 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_succeed_if,pam_sss acct="myuser" exe="/usr/libexec/cockpit-session" hostname=10.0.5.44 addr=10.0.5.44 terminal=? res=success' myserver.domain.com audit[13298]: USER_ACCT pid=13298 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="myuser" exe="/usr/libexec/cockpit-session" hostname=10.0.5.44 addr=10.0.5.44 terminal=? res=success' myserver.domain.com audit[13298]: CRED_ACQ pid=13298 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="myuser" exe="/usr/libexec/cockpit-session" hostname=10.0.5.44 addr=10.0.5.44 terminal=? res=success' myserver.domain.com cockpit-session[13298]: pam_ssh_add: Identity added: /home/myuser/.ssh/id_rsa ([email protected]) myserver.domain.com systemd-logind[1067]: New session 39 of user myuser. -- Subject: A new session 39 has been created for user myuser -- Defined-By: systemd -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel -- Documentation: https://www.freedesktop.org/wiki/Software/systemd/multiseat -- -- A new session with the ID 39 has been created for the user myuser. -- -- The leading process of the session is 13298. myserver.domain.com systemd[1]: Started Session 39 of user myuser. -- Subject: Unit session-39.scope has finished start-up -- Defined-By: systemd -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-39.scope has finished starting up. -- -- The start-up result is done. myserver.domain.com cockpit-session[13298]: pam_unix(cockpit:session): session opened for user myuser by (uid=0) myserver.domain.com audit[13298]: USER_START pid=13298 uid=0 auid=1907400001 ses=39 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_keyinit,pam_ssh_add,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_sss,pam_umask,pam_lastlog acct="myuser" exe="/usr/libexec/cockpit-sessi> myserver.domain.com audit[13298]: CRED_REFR pid=13298 uid=0 auid=1907400001 ses=39 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="myuser" exe="/usr/libexec/cockpit-session" hostname=10.0.5.44 addr=10.0.5.44 terminal=? res=success' myserver.domain.com cockpit-ws[13295]: 3: Permission denied. myserver.domain.com audit[13298]: CRED_DISP pid=13298 uid=0 auid=1907400001 ses=39 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="myuser" exe="/usr/libexec/cockpit-session" hostname=10.0.5.44 addr=10.0.5.44 terminal=? res=success' myserver.domain.com cockpit-session[13298]: pam_unix(cockpit:session): session closed for user myuser myserver.domain.com audit[13298]: USER_END pid=13298 uid=0 auid=1907400001 ses=39 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_keyinit,pam_ssh_add,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_sss,pam_umask,pam_lastlog acct="myuser" exe="/usr/libexec/cockpit-sessio> myserver.domain.com systemd-logind[1067]: Session 39 logged out. Waiting for processes to exit. myserver.domain.com systemd-logind[1067]: Removed session 39. -- Subject: Session 39 has been terminated -- Defined-By: systemd -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel -- Documentation: https://www.freedesktop.org/wiki/Software/systemd/multiseat -- -- A session with the ID 39 has been terminated. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
