[Freeipa-users] gssapi ssh works, pam user/password does not work
Sumit Bose
sbose at redhat.com
Thu Nov 5 09:14:55 UTC 2015
On Thu, Nov 05, 2015 at 10:05:19AM +0100, Natxo Asenjo wrote:
> On Thu, Nov 5, 2015 at 10:03 AM, Natxo Asenjo <natxo.asenjo at gmail.com>
> wrote:
>
> > hi,
> >
> > since yesterday I have a strange situation in one of our joined hosts.
> >
> > i can login using a kerberos ticket, but not using name/password.
> >
> > In /var/log/secure I see this:
> >
> > sshd[29607]: pam_sss(sshd:auth): received for user username: 4 (System
> > error)
> >
>
> sorry, sent too early.
>
> how can I troubleshoot this issue?
You should check the SSSD debug logs, see
https://fedorahosted.org/sssd/wiki/Troubleshooting for details about how
to enable debug logging and where to find the logs.
My guess is that SSSD has issues reaching a server so the domain log and
the krb5_child log would be the files I'd check first.
If the logs don't help you feel free to send them directly to me, if
possible with debug level 10.
HTH
bye,
Sumit
>
> --
> --
> Groeten,
> natxo
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list