[Freeipa-users] Users can't login on some systems.

Lakshan Jayasekara Lakshan.Jayasekara at lankaclear.com
Fri May 5 11:58:42 UTC 2017


IPA user authentication fails on a CentOS client. The login uses a valid account, and login succeeds on other IPA client servers. It would be great if you could provide any hint or any modification to overcome the situation.


Below is the audit log

type=USER_START msg=audit(1493987877.034:112): pid=2333 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1493987877.052:113): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ad:95:6a:ee:f6:9b:39:1c:e1:ea:1d:c4:04:8b:2d:6d direction=? spid=2344 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/0 res=success'
type=CRYPTO_KEY_USER msg=audit(1493987877.053:114): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ec:42:62:ce:a9:56:92:f3:0b:a2:9f:b2:eb:ca:f0:4c direction=? spid=2344 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/0 res=success'
type=CRYPTO_KEY_USER msg=audit(1493987877.053:115): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=d2:56:9c:49:db:85:40:df:34:de:78:82:e5:fb:66:4e direction=? spid=2344 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/0 res=success'
type=USER_LOGIN msg=audit(1493987877.057:116): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=/dev/pts/0 res=success'
type=USER_START msg=audit(1493987877.057:117): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=/dev/pts/0 res=success'
type=CRED_REFR msg=audit(1493987877.063:118): pid=2344 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1493987950.855:119): pid=2367 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ad:95:6a:ee:f6:9b:39:1c:e1:ea:1d:c4:04:8b:2d:6d direction=? spid=2367 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1493987950.855:120): pid=2367 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ec:42:62:ce:a9:56:92:f3:0b:a2:9f:b2:eb:ca:f0:4c direction=? spid=2367 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1493987950.856:121): pid=2367 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=d2:56:9c:49:db:85:40:df:34:de:78:82:e5:fb:66:4e direction=? spid=2367 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1493987950.859:122): pid=2366 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=diffie-hellman-group-exchange-sha256 spid=2367 suid=74 rport=50587 laddr=192.168.220.5 lport=22  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1493987950.859:123): pid=2366 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=diffie-hellman-group-exchange-sha256 spid=2367 suid=74 rport=50587 laddr=192.168.220.5 lport=22  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=USER_AUTH msg=audit(1493988003.357:124): pid=2369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="lakshan_864" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1493988003.360:125): pid=2366 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=challenge-response acct="lakshan_864" exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1493988025.470:126): pid=2376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ad:95:6a:ee:f6:9b:39:1c:e1:ea:1d:c4:04:8b:2d:6d direction=? spid=2376 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1493988025.470:127): pid=2376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ec:42:62:ce:a9:56:92:f3:0b:a2:9f:b2:eb:ca:f0:4c direction=? spid=2376 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1493988025.470:128): pid=2376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=d2:56:9c:49:db:85:40:df:34:de:78:82:e5:fb:66:4e direction=? spid=2376 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1493988025.473:129): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=diffie-hellman-group-exchange-sha256 spid=2376 suid=74 rport=50620 laddr=192.168.220.5 lport=22  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1493988025.473:130): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=diffie-hellman-group-exchange-sha256 spid=2376 suid=74 rport=50620 laddr=192.168.220.5 lport=22  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=USER_AUTH msg=audit(1493988068.166:131): pid=2377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_localuser,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=USER_ACCT msg=audit(1493988068.172:132): pid=2377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1493988068.176:133): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2376 suid=74 rport=50620 laddr=192.168.220.5 lport=22  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=? res=success'
type=USER_AUTH msg=audit(1493988068.178:134): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1493988068.180:135): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=LOGIN msg=audit(1493988068.180:136): pid=2375 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 old-ses=4294967295 ses=2 res=1
type=USER_ROLE_CHANGE msg=audit(1493988068.569:137): pid=2375 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=USER_START msg=audit(1493988068.606:138): pid=2375 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1493988068.623:139): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ad:95:6a:ee:f6:9b:39:1c:e1:ea:1d:c4:04:8b:2d:6d direction=? spid=2380 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1493988068.624:140): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=ec:42:62:ce:a9:56:92:f3:0b:a2:9f:b2:eb:ca:f0:4c direction=? spid=2380 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1493988068.624:141): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=d2:56:9c:49:db:85:40:df:34:de:78:82:e5:fb:66:4e direction=? spid=2380 suid=0  exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=pts/1 res=success'
type=USER_LOGIN msg=audit(1493988068.628:142): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1493988068.628:143): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=/dev/pts/1 res=success'
type=CRED_REFR msg=audit(1493988068.633:144): pid=2380 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'


Best Regards,

Reply / Forwarded by
Lakshanth Chandika Jayasekara
Senior Systems Engineer

Confidentiality Notice: The information contained in this message is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the author immediately by replying to this message and delete the original message. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. This email has been scanned for all viruses by the Symantec End Point Protection Email Security System.
Save a tree. Don't print this e-mail unless it's really necessary.

From: Lakshan Jayasekara
Sent: Friday, May 5, 2017 5:06 PM
To: 'freeipa-users at redhat.com' <freeipa-users at redhat.com>
Subject: Permission Denied for IPA User

An IPA user cannot log in to the target CentOS system using SSH. The user and the password are valid and can access the IPA server.


Lakshanth Chandika Jayasekara

Senior Systems Engineer

Mobile:+94 77 294 0396 |  Dir:+94 11 235 6949

General:+94 11 235 6900  Ext: 949 | Fax:+94 11 2544346

LankaClear (Pvt) Ltd, Level 18, Bank of Ceylon Head Office,

"BOC Square", No. 01, Bank of Ceylon Mw, Colombo 01, Sri Lanka.

http://www.lankaclear.com



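A triage of the audit records above, as an added example that is not part of the original post: it parses the sshd USER_AUTH records and reports accounts whose PAM authentication failed with no granting module (grantors=?). The four sample lines are copied from the log in the post; the function names are hypothetical, and reading grantors as the list of PAM modules that returned success is an assumption of this example.

```python
import re
from collections import defaultdict

# Four USER_AUTH records copied from the audit log in the post.
SAMPLE = """\
type=USER_AUTH msg=audit(1493988003.357:124): pid=2369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="lakshan_864" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1493988003.360:125): pid=2366 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=challenge-response acct="lakshan_864" exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1493988068.166:131): pid=2377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_localuser,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=192.168.104.2 addr=192.168.104.2 terminal=ssh res=success'
type=USER_AUTH msg=audit(1493988068.178:134): pid=2375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=192.168.104.2 terminal=ssh res=success'
"""

HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+)\.\d+:(\d+)\): (.*)$")
# key=value pairs; values are either "quoted" or run up to whitespace or a quote
FIELD = re.compile(r"""([\w-]+)=("[^"]*"|[^\s']+)""")

def parse(line):
    """Turn one audit line into a dict, or None if it is not an audit record."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    rec = {"type": m.group(1), "time": int(m.group(2)), "serial": int(m.group(3))}
    for key, val in FIELD.findall(m.group(4)):
        rec[key] = val.strip('"')
    return rec

def pam_auth_summary(text):
    """Map acct -> [(res, grantors)] for each PAM authentication record."""
    out = defaultdict(list)
    for line in text.splitlines():
        rec = parse(line)
        if rec and rec["type"] == "USER_AUTH" and rec.get("op") == "PAM:authentication":
            g = rec.get("grantors", "?")
            out[rec["acct"]].append((rec["res"], [] if g == "?" else g.split(",")))
    return dict(out)

def failures_without_grantor(text):
    """Accounts that failed PAM authentication with no module granting it."""
    return sorted(acct for acct, events in pam_auth_summary(text).items()
                  if any(res == "failed" and not grantors for res, grantors in events))

if __name__ == "__main__":
    for acct, events in pam_auth_summary(SAMPLE).items():
        print(acct, events)
    print("no granting module:", failures_without_grantor(SAMPLE))
```
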