[Freeipa-users] SSH with password fails - 7 (Authentication failure)

Sun, 16 Jan 2022 04:50:54 -0800 

Hi guys.

This have puzzled my and left clueless.
It's a fresh new deployment and still only single master.
Very first & only user and I cannot 'ssh' with password - but krb ticket I can obtain and 'ssh' with it successfully. 

ssh logs:
..

pam_sss(sshd:auth): received for user bs58: 7 
(Authentication failure)

..

with in: /etc/sssd/sssd.conf
[pam]
debug_level=9

only fail/error/warn in sssd_pam.log is:
..

(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] service: sshd
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] tty: ssh
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] ruser: not set
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] rhost: 10.0.0.16
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] authtok type: 1 (Password)
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] newauthtok type: 0 (No authentication token available)
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] priv: 1
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] cli_pid: 25363
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] logon name: bs583
(2022-01-16 12:20:18): [pam] [pam_print_data] (0x0100): [CID 
#6] flags: 2
(2022-01-16 12:20:18): [pam] [pam_dom_forwarder] (0x0100): 
pam_dp_send_req returned 0
(2022-01-16 12:20:18): [pam] [sbus_dispatch] (0x4000): 
Dispatching.
(2022-01-16 12:20:18): [pam] [pam_dp_send_req_done] 
(0x0200): received: [7 (Authentication 
failure)][ccn.private.com][CID #6]
(2022-01-16 12:20:18): [pam] [pam_reply] (0x4000): pam_reply 
initially called with result [7]: Authentication failure. 
this result might be changed during processing

(2022-01-16 12:20:18): [pam] [pam_reply] (0x0200): blen: 43

(2022-01-16 12:20:18): [pam] [pam_reply] (0x0200): Returning 
[7]: Authentication failure to the client [CID #6]
(2022-01-16 12:20:20): [pam] [client_recv] (0x0200): Client 
disconnected!

...

It's on Centos 8 with:
ipa-server-4.9.6-10.module_el8.5.0+1055+c415bbe9.x86_64
sssd-ipa-2.5.2-2.el8_5.3.x86_64
krb5-libs-1.18.2-14.el8.x86_64


I've tried higher 'debug_level' for other bits in 
'/etc/sssd/sssd.conf' but there it nothing 'abnormal' there 
- or I've gone blind.



All & any suggestions on how to troubleshoot/fix this very 
much appreciated.

many thanks, L.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure






















					Reply via email to