[Freeipa-users] Preauth module encrypted_challenge Cannot read password
Berkouwer, Walter
walter.berkouwer at sogeti.com
Thu May 11 13:07:25 UTC 2017
Hello
I am trying to setup an IPA configuration at an remote site. I got the ssh-connection working with a 6.6 client ( ipa-client version 3.0.0), but I can't get it working with a 7.3 client ( ipa-client version 4.4.0 ).
Version of the server is 4.4.0.
Can some help me with this problem.
>From the logfiles I got the following messages.
/var/log/secure:
May 11 13:05:10 edsnfmwsv009 sshd[14026]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.72.145 user=berkouwa
May 11 13:05:10 edsnfmwsv009 sshd[14026]: pam_sss(sshd:auth): received for user berkouwa: 17 (Failure setting user credentials)
May 11 13:05:10 edsnfmwsv009 sshd[14021]: error: PAM: Authentication failure for berkouwa from 192.168.72.145
May 11 13:05:10 edsnfmwsv009 sshd[14021]: Postponed keyboard-interactive for berkouwa from 192.168.72.145 port 51772 ssh2 [preauth]
/var/log/sssd/krb5_child.log:
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_child_krb5_trace_cb] (0x4000): [14030] 1494500710.640900: Received cookie: MIT
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_krb5_responder] (0x4000): Got question [password].
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_krb5_prompter] (0x4000): sss_krb5_prompter name [(null)] banner [(null)] num_prompts [1] EINVAL.
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_krb5_prompter] (0x0020): Cannot handle password prompts.
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_krb5_prompter] (0x4000): Prompt [0][Password for berkouwa at EDSN.LOCAL].
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [sss_child_krb5_trace_cb] (0x4000): [14030] 1494500710.640958: Preauth module encrypted_challenge (138) (real) returned: -1765328254/Cannot read password
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [get_and_save_tgt] (0x0400): krb5_get_init_creds_password returned [-1765328254} during pre-auth.
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [k5c_send_data] (0x0200): Received error code 0
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [pack_response_packet] (0x2000): response packet size: [12]
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [k5c_send_data] (0x4000): Response sent.
(Thu May 11 13:05:10 2017) [[sssd[krb5_child[14030]]]] [main] (0x0400): krb5_child completed successfully
I placed the full logfiles and the sssd.conf here: https://drive.google.com/open?id=0B66tVXzcZy1CdFZNb1dvUjk4Tnc
Walter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170511/467374c0/attachment.htm>
More information about the Freeipa-users
mailing list