On Tue, Apr 01, 2014 at 05:58:00PM +0000, Todd Maugh wrote:
> I am seeing this error in /var/log/secure
> 
> [r...@black-64.qa ~]# tail /var/log/secure
> Apr  1 17:54:05 black-64 sshd[3649]: pam_sss(sshd:auth): authentication 
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.194.1.250 user=tmaugh
> Apr  1 17:54:05 black-64 sshd[3649]: pam_sss(sshd:auth): received for user 
> tmaugh: 4 (System error)
> Apr  1 17:54:07 black-64 sshd[3649]: Failed password for tmaugh from 
> 10.194.1.250 port 44697 ssh2
> Apr  1 17:54:12 black-64 sshd[3649]: pam_sss(sshd:auth): authentication 
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.194.1.250 user=tmaugh
> Apr  1 17:54:12 black-64 sshd[3649]: pam_sss(sshd:auth): received for user 
> tmaugh: 4 (System error)

"System Error" means something like "Unhandled exception" from pam_sss.
In general, this shouldn't happen, although System Error is not always
indicative of a bug in SSSD. We use System Error as the default return
code if no other condition matches, so sometimes we just fail to
translate the error code properly -- at one point, we used to return
System Error on clock skew for instance.

Could you attach or paste (to me directly if needed) the domain log file
and also the krb5_child.log ?

> Apr  1 17:54:14 black-64 sshd[3649]: Failed password for tmaugh from 
> 10.194.1.250 port 44697 ssh2
> Apr  1 17:54:15 black-64 sshd[3650]: Connection closed by 10.194.1.250
> Apr  1 17:54:15 black-64 sshd[3649]: PAM 1 more authentication failure; 
> logname= uid=0 euid=0 tty=ssh ruser= rhost=10.194.1.250  user=tmaugh
> Apr  1 17:56:49 black-64 sshd[3713]: Accepted publickey for root from 
> 10.194.1.250 port 38249 ssh2
> Apr  1 17:56:49 black-64 sshd[3713]: pam_unix(sshd:session): session opened 
> for user root by (uid=0)

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to