[Freeipa-users] Problems with FreeIPA-client configuration on OpenSUSE 12.2
Jakub Hrozek
jhrozek at redhat.com
Thu Dec 5 08:49:11 UTC 2013
On Thu, Dec 05, 2013 at 12:02:12PM +0400, Прохоров Сергей wrote:
>
> Hello community, I have problems with FreeIPA-client configuration
> on OpenSUSE 12.2, and I think I can't fix it without your help. I
> have following errors in my /var/log/messages, when I try login in
> by freeipa account:
>
> ############################################################
> Dec 2 18:21:24 linux-l3wy sshd[12481]: Invalid user admin from
> 192.168.0.159
> Dec 2 18:21:24 linux-l3wy sshd[12481]: input_userauth_request:
> invalid user admin [preauth]
> Dec 2 18:21:24 linux-l3wy sssd_be: No worthy mechs found
> Dec 2 18:21:24 linux-l3wy sshd[12481]: Postponed
> keyboard-interactive for invalid user admin from 192.168.0.159 port
> 38175 ssh2 [preauth]
> Dec 2 18:21:41 linux-l3wy sshd[12484]: pam_sss(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=192.168.0.159 user=admin
> Dec 2 18:21:41 linux-l3wy sshd[12484]: pam_sss(sshd:auth): received
> for user admin: 10 (User not known to the underlying authentication
> module)
> Dec 2 18:21:41 linux-l3wy sshd[12481]: error: PAM: User not known
> to the underlying authentication module for illegal user admin from
> 192.168.0.159
> Dec 2 18:21:41 linux-l3wy sshd[12481]: Failed
> keyboard-interactive/pam for invalid user admin from 192.168.0.159
> port 38175 ssh2
> Dec 2 18:21:41 linux-l3wy sshd[12481]: Postponed
> keyboard-interactive for invalid user admin from 192.168.0.159 port
> 38175 ssh2 [preauth]
> Dec 2 18:21:50 linux-l3wy sshd[12481]: Connection closed by
> 192.168.0.159 [preauth]
> ############################################################
Hi Sergey,
are you able to run "getent passwd admin" from the command line? SSH is
complaining that admin is not a known account.
I suspect that for whatevet reason the sssd is unable to connect to the
IPA servers. getent passwd admin or id admin don't return anything, you
should put debug_level=6 into the [domain] section, restart sssd and
then check out /var/log/sssd/sssd_example.com log.
More information about the Freeipa-users
mailing list