FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 02-04-2011, 07:43 PM
Madan Thapa
 
Default Issue with SSH

what does the file /etc/pam.d/sshd look like?



On Sat, Feb 5, 2011 at 1:57 AM, Matty Sarro <msarro@gmail.com> wrote:

> We have two servers that synchronize between one another using SSH.
> The user that the software uses for some reason isn't working. When
> you ssh into the server using the user, you are prompted for a
> password. When you enter the password, you get an authentication
> failure. We have verified the password, and recreated it numerous
> times. SSH still doesn't appear to be working. Anyone have any clues?
>
> Here is whats in /var/log/secure:
>
> Feb 4 15:25:10 basmanps01 sshd[30754]: pam_tally(sshd:auth): user
> USERNAME (501) tally 14412, deny 5
> Feb 4 15:25:10 basmanps01 sshd[30686]: Postponed keyboard-interactive
> for USERNAME from 10.253.140.74 port 36951 ssh2
> Feb 4 15:25:10 basmanps01 sshd[30754]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=baschips01 user=USERNAME
> Feb 4 15:25:11 basmanps01 sshd[30685]: error: PAM: Authentication
> failure for USERNAME from baschips01
> Feb 4 15:25:11 basmanps01 sshd[30755]: pam_tally(sshd:auth): user
> USERNAME (501) tally 14413, deny 5
> Feb 4 15:25:11 basmanps01 sshd[30686]: Postponed keyboard-interactive
> for USERNAME from 10.253.140.74 port 36951 ssh2
> Feb 4 15:25:11 basmanps01 sshd[30755]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=baschips01 user=USERNAME
> Feb 4 15:25:14 basmanps01 sshd[30685]: error: PAM: Authentication
> failure for USERNAME from baschips01
> Feb 4 15:25:14 basmanps01 sshd[30685]: Failed none for USERNAME from
> 10.253.140.74 port 36951 ssh2
> Feb 4 15:25:14 basmanps01 sshd[30685]: Failed password for USERNAME
> from 10.253.140.74 port 36951 ssh2
> Feb 4 15:25:14 basmanps01 sshd[30686]: Disconnecting: Too many
> authentication failures for USERNAME
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 02-04-2011, 07:50 PM
 
Default Issue with SSH

Matty Sarro wrote:
> We have two servers that synchronize between one another using SSH.
> The user that the software uses for some reason isn't working. When
> you ssh into the server using the user, you are prompted for a
> password. When you enter the password, you get an authentication
> failure. We have verified the password, and recreated it numerous
> times. SSH still doesn't appear to be working. Anyone have any clues?

First: did it ever work? If so, what are the permissions on ~<user>/.ssh?
Second: if not,
a) what does your system-auth look like?
b) what files are in system[12]:~<user>/.ssh?

mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 02-04-2011, 07:57 PM
Matty Sarro
 
Default Issue with SSH

#%PAM-1.0
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so


I actually just disabled PAM in /etc/ssh/sshd_config and it appears to
be working now. Is not using PAM a security issue?




On Fri, Feb 4, 2011 at 3:43 PM, Madan Thapa <madan.feedback@gmail.com> wrote:
> what does the file */etc/pam.d/sshd *look like?
>
>
>
> On Sat, Feb 5, 2011 at 1:57 AM, Matty Sarro <msarro@gmail.com> wrote:
>
>> We have two servers that synchronize between one another using SSH.
>> The user that the software uses for some reason isn't working. When
>> you ssh into the server using the user, you are prompted for a
>> password. When you enter the password, you get an authentication
>> failure. We have verified the password, and recreated it numerous
>> times. SSH still doesn't appear to be working. Anyone have any clues?
>>
>> Here is whats in /var/log/secure:
>>
>> Feb *4 15:25:10 basmanps01 sshd[30754]: pam_tally(sshd:auth): user
>> USERNAME (501) tally 14412, deny 5
>> Feb *4 15:25:10 basmanps01 sshd[30686]: Postponed keyboard-interactive
>> for USERNAME from 10.253.140.74 port 36951 ssh2
>> Feb *4 15:25:10 basmanps01 sshd[30754]: pam_unix(sshd:auth):
>> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
>> rhost=baschips01 *user=USERNAME
>> Feb *4 15:25:11 basmanps01 sshd[30685]: error: PAM: Authentication
>> failure for USERNAME from baschips01
>> Feb *4 15:25:11 basmanps01 sshd[30755]: pam_tally(sshd:auth): user
>> USERNAME (501) tally 14413, deny 5
>> Feb *4 15:25:11 basmanps01 sshd[30686]: Postponed keyboard-interactive
>> for USERNAME from 10.253.140.74 port 36951 ssh2
>> Feb *4 15:25:11 basmanps01 sshd[30755]: pam_unix(sshd:auth):
>> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
>> rhost=baschips01 *user=USERNAME
>> Feb *4 15:25:14 basmanps01 sshd[30685]: error: PAM: Authentication
>> failure for USERNAME from baschips01
>> Feb *4 15:25:14 basmanps01 sshd[30685]: Failed none for USERNAME from
>> 10.253.140.74 port 36951 ssh2
>> Feb *4 15:25:14 basmanps01 sshd[30685]: Failed password for USERNAME
>> from 10.253.140.74 port 36951 ssh2
>> Feb *4 15:25:14 basmanps01 sshd[30686]: Disconnecting: Too many
>> authentication failures for USERNAME
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 02-04-2011, 08:12 PM
Madan Thapa
 
Default Issue with SSH

Try this command :


cd /etc/pam.d ; grep -lr pam_listfile . ( notice dot at the
end)




and see, if it lists any file that is using pam_listfile option.


if it is, paste the content of that file














On Sat, Feb 5, 2011 at 2:27 AM, Matty Sarro <msarro@gmail.com> wrote:

> #%PAM-1.0
> auth include system-auth
> account required pam_nologin.so
> account include system-auth
> password include system-auth
> session optional pam_keyinit.so force revoke
> session include system-auth
> session required pam_loginuid.so
>
>
> I actually just disabled PAM in /etc/ssh/sshd_config and it appears to
> be working now. Is not using PAM a security issue?
>
>
>
>
> On Fri, Feb 4, 2011 at 3:43 PM, Madan Thapa <madan.feedback@gmail.com>
> wrote:
> > what does the file /etc/pam.d/sshd look like?
> >
> >
> >
> > On Sat, Feb 5, 2011 at 1:57 AM, Matty Sarro <msarro@gmail.com> wrote:
> >
> >> We have two servers that synchronize between one another using SSH.
> >> The user that the software uses for some reason isn't working. When
> >> you ssh into the server using the user, you are prompted for a
> >> password. When you enter the password, you get an authentication
> >> failure. We have verified the password, and recreated it numerous
> >> times. SSH still doesn't appear to be working. Anyone have any clues?
> >>
> >> Here is whats in /var/log/secure:
> >>
> >> Feb 4 15:25:10 basmanps01 sshd[30754]: pam_tally(sshd:auth): user
> >> USERNAME (501) tally 14412, deny 5
> >> Feb 4 15:25:10 basmanps01 sshd[30686]: Postponed keyboard-interactive
> >> for USERNAME from 10.253.140.74 port 36951 ssh2
> >> Feb 4 15:25:10 basmanps01 sshd[30754]: pam_unix(sshd:auth):
> >> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> >> rhost=baschips01 user=USERNAME
> >> Feb 4 15:25:11 basmanps01 sshd[30685]: error: PAM: Authentication
> >> failure for USERNAME from baschips01
> >> Feb 4 15:25:11 basmanps01 sshd[30755]: pam_tally(sshd:auth): user
> >> USERNAME (501) tally 14413, deny 5
> >> Feb 4 15:25:11 basmanps01 sshd[30686]: Postponed keyboard-interactive
> >> for USERNAME from 10.253.140.74 port 36951 ssh2
> >> Feb 4 15:25:11 basmanps01 sshd[30755]: pam_unix(sshd:auth):
> >> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> >> rhost=baschips01 user=USERNAME
> >> Feb 4 15:25:14 basmanps01 sshd[30685]: error: PAM: Authentication
> >> failure for USERNAME from baschips01
> >> Feb 4 15:25:14 basmanps01 sshd[30685]: Failed none for USERNAME from
> >> 10.253.140.74 port 36951 ssh2
> >> Feb 4 15:25:14 basmanps01 sshd[30685]: Failed password for USERNAME
> >> from 10.253.140.74 port 36951 ssh2
> >> Feb 4 15:25:14 basmanps01 sshd[30686]: Disconnecting: Too many
> >> authentication failures for USERNAME
> >>
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 02-07-2011, 09:44 AM
Nigel Wade
 
Default Issue with SSH

On 04/02/11 20:57, Matty Sarro wrote:
> #%PAM-1.0
> auth include system-auth
> account required pam_nologin.so
> account include system-auth
> password include system-auth
> session optional pam_keyinit.so force revoke
> session include system-auth
> session required pam_loginuid.so
>

What's in system-auth?

The logs show pam_tally output, but there's no mention of it in that
file. Maybe pam_tally is being triggered with too many failed login
attempts.

--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@ion.le.ac.uk
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 10:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org