Re: ssh authentication failed problem use freeradius & pam_radius
Hello,Alan. Thank you for you response. Alan wrote:
This is an issue with PAM on the client machine. Some other module is doing password checking. When the password check fails, it re-sets the password to "INCORRECT". That password is then sent to the pam_radius module. Go fix the client so that the PAM modules don't change the password.
My /etc/pam.d/sshd file contains the following settings: -bash-3.2# cat sshd #%PAM-1.0 auth sufficient pam_radius_auth.so debug auth include system-auth account sufficient pam_radius_auth.so account required pam_nologin.so account include system-auth password sufficient pam_radius_auth.so password include system-auth session sufficient pam_radius_auth.so session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so
小牧 <muxin@yahoo.cn>wrote:
This is an issue with PAM on the client machine. Some other module is doing password checking. When the password check fails, it re-sets the password to "INCORRECT". That password is then sent to the pam_radius module. Go fix the client so that the PAM modules don't change the password.
My /etc/pam.d/sshd file contains the following settings:
I had a similar problem today. PAM considered the user illegal because the uid in question was unknown on the machine to be accessed by ssh. Adding the user locally was required anyway, I had forgotten that on that particular machine, there are only local accounts. HTH (and thanx to Alan) Martin -- Dr. Martin Pauly Phone: +49-6421-28-23527 HRZ Univ. Marburg Fax: +49-6421-28-26994 Hans-Meerwein-Str. E-Mail: pauly@HRZ.Uni-Marburg.DE D-35032 Marburg
participants (2)
-
Martin Pauly -
小牧