[Freeipa-users] [Solaris 10] Cannot login through console or ssh with ipa users
nathan at nathanpeters.com
nathan at nathanpeters.com
Thu Feb 26 18:15:21 UTC 2015
> On 02/25/2015 04:37 PM, nathan at nathanpeters.com wrote:
>>> It does not seem to recognize the user in the secan attempt but the
>>> first attempt seems to authenticate and then disconnect.
>>> I do not see trace from accounting session but I suspect that your pam
>>> stack does not authorize authenticated user.
>>> Try to allow all authenticated users first. This will prove that it is
>>> a
>>> pam stack accounting phase configuration issue.
>>>
>>> --
>>> Thank you,
>>> Dmitri Pal
>>>
>>> Sr. Engineering Manager IdM portfolio
>>> Red Hat, Inc.
>>>
>>> --
>>> Manage your subscription for the Freeipa-users mailing list:
>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>> Go To http://freeipa.org for more info on the project
>>>
>> How do I allow all authenticated users? In the freeIPA domain I have a
>> rule 'allow_all' that allows any user to connect to any system on any
>> service. This is working fine for linux clients.
>>
>> I assume you mean to do it on the Solaris machine? I don't have any
>> users
>> specifically blocked, ie, there is nothing in my sshd_config file that
>> is
>> limiting the users and groups that can login. Eg, I've got no
>> 'AllowUsers' lines or anything like that. I've even got PermitRootLogin
>> set to yes and have tested that root can login.
>>
>>
>>
>>
>
> other account required pam_permit.so
>
> and comment other pam modules in the section:
>
> Default definition for Account management
> # Used when service name is not explicitly mentioned for account
> management
> #
> other account requisite pam_roles.so.1 debug
> other account required pam_unix_account.so.1 debug
> #other account sufficient pam_ldap.so.1
> other account required pam_krb5.so.1 debug
>
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager IdM portfolio
> Red Hat, Inc.
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project
>
pam_permit does not exist in Solaris 10 so I cannot use that to test. The
only way I could break down where the error is happening is to restore to
a completely default pam.conf and add the krb5.so entries 1 at a time.
The first entry was added fine in the login section although I noted that
the 'try_first_pass' option also does not exist in Solaris, so not sure
why the guide for Solaris is saying to use that:
login auth sufficient pam_krb5.so.1
The following entry is what broke the system :
other auth sufficient pam_krb5.so.1
I placed it in the same place as in the guide (under unix_cred and before
unix_auth). So we know its the auth thats failing, not the account?
Here is how it broke : root can no longer login through ssh.
I compared the log entries for logins before and after the auth change and
they are identical up to about line 127.
I noticed that the login that failed threw a strange krb5
pam_no_module_data error before disconnecting the ssh client.
Here are the 2 logs for reference:
unsuccessful root login
-----------------------
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
872586 auth.debug] PAM[494]: pam_authenticate(812bf10, 1):
/usr/lib/security/pam_authtok_get.so.1 returned Ignore module
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:user)=root
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:authtok)=********
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:repository)=NULL
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
872586 auth.debug] PAM[494]: pam_authenticate(812bf10, 1):
/usr/lib/security/pam_dhkeys.so.1 returned Ignore module
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
872586 auth.debug] PAM[494]: pam_authenticate(812bf10, 1):
/usr/lib/security/pam_unix_cred.so.1 returned Ignore module
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:user)=root
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
395087 auth.debug] PAM[494]:
pam_get_data(812bf10:SUNW-KRB5-AUTH-DATA)=PAM_NO_MODULE_DATA
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
140038 auth.debug] PAM[494]:
pam_set_data(812bf10:SUNW-KRB5-AUTH-DATA:2)=812cc20
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:repository)=NULL
Feb 26 17:51:57 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[494]: [ID
455340 auth.debug] PAM[494]: pam_get_item(812bf10:authtok)=********
successful root login
---------------------
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_authenticate(812e218, 1):
/usr/lib/security/pam_authtok_get.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:authtok)=********
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:repository)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_authenticate(812e218, 1):
/usr/lib/security/pam_dhkeys.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_authenticate(812e218, 1):
/usr/lib/security/pam_unix_cred.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:authtok)=********
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:repository)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_authenticate(812e218, 1):
/usr/lib/security/pam_unix_auth.so.1 returned Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
361950 auth.debug] PAM[482]: pam_authenticate(812e218, 1): final: Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
800047 auth.debug] debug1: do_pam_account: called
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
690203 auth.debug] PAM[482]: pam_acct_mgmt(812e218, 0)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
130549 auth.debug] PAM[482]: load_modules(812e218,
pam_sm_acct_mgmt)=/usr/lib/security/pam_roles.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
149591 auth.debug] PAM[482]: load_function: successful load of
pam_sm_acct_mgmt
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
130549 auth.debug] PAM[482]: load_modules(812e218,
pam_sm_acct_mgmt)=/usr/lib/security/pam_unix_account.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
149591 auth.debug] PAM[482]: load_function: successful load of
pam_sm_acct_mgmt
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:auser)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:ruser)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:rhost)=10.5.5.57
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_acct_mgmt(812e218, 0):
/usr/lib/security/pam_roles.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
390833 auth.debug] PAM[482]: pam_get_item(812e218:repository)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
330580 auth.debug] PAM[482]:
pam_get_data(812e218:SUNW-UNIX-AUTHTOK-DATA)=PAM_NO_MODULE_DATA
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
710061 auth.debug] PAM[482]:
pam_set_data(812e218:SUNW-UNIX-AUTHTOK-DATA:2)=812e880
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
806026 auth.debug] PAM[482]: pam_acct_mgmt(812e218, 0):
/usr/lib/security/pam_unix_account.so.1 returned Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
361950 auth.debug] PAM[482]: pam_acct_mgmt(812e218, 0): final: Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[482]: [ID
804632 auth.debug] PAM[482]: pam_getenvlist(812e218)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: PAM: num PAM env strings 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.info] Postponed keyboard-interactive/pam for root from
10.5.5.57 port 53885 ssh2 [preauth]
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: do_pam_account: called
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.info] Accepted keyboard-interactive/pam for root from
10.5.5.57 port 53885 ssh2
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: monitor_child_preauth: root has been
authenticated by privileged process
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: monitor_read_log: child log fd closed
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
415390 auth.debug] PAM[480]: pam_set_item(812e218:conv)=8086ff8
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: PAM: establishing credentials
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
690202 auth.debug] PAM[480]: pam_setcred(812e218, 1)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
259530 auth.debug] PAM[480]: load_modules(812e218,
pam_sm_setcred)=/usr/lib/security/pam_authtok_get.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
985081 auth.debug] PAM[480]: load_function: successful load of
pam_sm_setcred
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
259530 auth.debug] PAM[480]: load_modules(812e218,
pam_sm_setcred)=/usr/lib/security/pam_dhkeys.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
985081 auth.debug] PAM[480]: load_function: successful load of
pam_sm_setcred
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
259530 auth.debug] PAM[480]: load_modules(812e218,
pam_sm_setcred)=/usr/lib/security/pam_unix_cred.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
985081 auth.debug] PAM[480]: load_function: successful load of
pam_sm_setcred
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
259530 auth.debug] PAM[480]: load_modules(812e218,
pam_sm_setcred)=/usr/lib/security/pam_unix_auth.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
985081 auth.debug] PAM[480]: load_function: successful load of
pam_sm_setcred
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
740490 auth.debug] PAM[480]: pam_setcred(812e218, 1):
/usr/lib/security/pam_authtok_get.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:authtok)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
740490 auth.debug] PAM[480]: pam_setcred(812e218, 1):
/usr/lib/security/pam_dhkeys.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:auser)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:rhost)=10.5.5.57
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:tty)=ssh
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:resource)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
740490 auth.debug] PAM[480]: pam_setcred(812e218, 1):
/usr/lib/security/pam_unix_cred.so.1 returned Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
740490 auth.debug] PAM[480]: pam_setcred(812e218, 1):
/usr/lib/security/pam_unix_auth.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
361438 auth.debug] PAM[480]: pam_setcred(812e218, 1): final: Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
415390 auth.debug] PAM[480]: pam_set_item(812e218:conv)=8086ff8
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
690202 auth.debug] PAM[480]: pam_open_session(812e218, 0)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
259530 auth.debug] PAM[480]: load_modules(812e218,
pam_sm_open_session)=/usr/lib/security/pam_unix_session.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
985081 auth.debug] PAM[480]: load_function: successful load of
pam_sm_open_session
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:tty)=ssh
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
390817 auth.debug] PAM[480]: pam_get_item(812e218:rhost)=10.5.5.57
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
740490 auth.debug] PAM[480]: pam_open_session(812e218, 0):
/usr/lib/security/pam_unix_session.so.1 returned Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
361438 auth.debug] PAM[480]: pam_open_session(812e218, 0): final: Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: Entering interactive session for SSH2.
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: server_init_dispatch_20
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: server_input_channel_open: ctype session rchan
256 win 16384 max 16384
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: input_session_request
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: channel 0: new [server-session]
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_new: session 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_open: channel 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_open: session 0: link with channel 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: server_input_channel_open: confirm session
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: server_input_channel_req: channel 0 request
pty-req reply 1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_by_channel: session 0 channel 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_input_channel_req: session 0 req
pty-req
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: Allocating pty.
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_pty_req: session 0 alloc /dev/pts/2
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: server_input_channel_req: channel 0 request
shell reply 1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_by_channel: session 0 channel 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.debug] debug1: session_input_channel_req: session 0 req shell
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[480]: [ID
800047 auth.info] Starting session: shell on pts/2 for root from 10.5.5.57
port 53885
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
415422 auth.debug] PAM[484]: pam_set_item(812e218:conv)=8086ff8
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
800047 auth.debug] debug1: PAM: reinitializing credentials
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
690204 auth.debug] PAM[484]: pam_setcred(812e218, 4)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
259531 auth.debug] PAM[484]: load_modules(812e218,
pam_sm_setcred)=/usr/lib/security/pam_authtok_get.so.1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
871562 auth.debug] PAM[484]: pam_setcred(812e218, 4):
/usr/lib/security/pam_authtok_get.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
871562 auth.debug] PAM[484]: pam_setcred(812e218, 4):
/usr/lib/security/pam_dhkeys.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
390849 auth.debug] PAM[484]: pam_get_item(812e218:user)=root
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
390849 auth.debug] PAM[484]: pam_get_item(812e218:auser)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
390849 auth.debug] PAM[484]: pam_get_item(812e218:rhost)=10.5.5.57
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
390849 auth.debug] PAM[484]: pam_get_item(812e218:tty)=ssh
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
390849 auth.debug] PAM[484]: pam_get_item(812e218:resource)=NULL
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
871562 auth.debug] PAM[484]: pam_setcred(812e218, 4):
/usr/lib/security/pam_unix_cred.so.1 returned Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
871562 auth.debug] PAM[484]: pam_setcred(812e218, 4):
/usr/lib/security/pam_unix_auth.so.1 returned Ignore module
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
362462 auth.debug] PAM[484]: pam_setcred(812e218, 4): final: Success
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
800047 auth.debug] debug1: permanently_set_uid: 0/0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[484]: [ID
482209 auth.debug] PAM[484]: pam_getenvlist(812e218)
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: server_input_channel_req: channel 0 request
winadj at putty.projects.tartarus.org reply 1
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: session_by_channel: session 0 channel 0
Feb 26 17:45:37 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: session_input_channel_req: session 0 req
winadj at putty.projects.tartarus.org
Feb 26 17:45:41 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: server_input_channel_req: channel 0 request
window-change reply 0
Feb 26 17:45:41 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: session_by_channel: session 0 channel 0
Feb 26 17:45:41 ipaclient5-sandbox-atdev-van.ipadomain.net sshd[414]: [ID
800047 auth.debug] debug1: session_input_channel_req: session 0 req
window-change
More information about the Freeipa-users
mailing list