- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: PAM authentication error while login to HP-UX ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-23-2013 11:09 PM - last edited on 04-23-2013 11:49 PM by Maiko-I
04-23-2013 11:09 PM - last edited on 04-23-2013 11:49 PM by Maiko-I
PAM authentication error while login to HP-UX 11.23
Hi All,
Am getting below error while login to the server. This user account is created newly and is a local account.
sshd[16187]: error: PAM: User account has expired for xxxxx
# cat /etc/nsswitch.conf
passwd: files [NOTFOUND=continue] ldap
cat /etc/pam.conf
# Authentication management
#
login auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
login auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
login auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
Please help me to resolve the issue.
P.S. This thread has been moved from HP-UX > System Administration to HP-UX > security - HP Forums Moderator
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-24-2013 12:51 AM
04-24-2013 12:51 AM
Re: PAM authentication error while login to HP-UX 11.23
Hi,
Please attach the pam.conf file and the error you are getting while connecting to the server
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-07-2013 12:36 AM
05-07-2013 12:36 AM
Re: PAM authentication error while login to HP-UX 11.23
# cat sshd_config | grep -v "^#" | grep -v "^$"
Protocol 2
HostKey /opt/ssh/etc/ssh_host_rsa_key
HostKey /opt/ssh/etc/ssh_host_dsa_key
MaxAuthTries 10
HostbasedAuthentication yes
IgnoreUserKnownHosts yes
PasswordAuthentication yes
PermitEmptyPasswords no
UsePAM yes
X11Forwarding yes
PrintMotd no
UseDNS yes
Subsystem sftp /opt/ssh/libexec/sftp-server
Message from syslog:-
May 7 07:34:59 xxxxxxx sshd[5011]: SSH: Server;Ltype: Version;Remote: zzzzzzz-50885;Protocol: 2.0;Client: OpenSSH_4.3
May 7 07:35:04 xxxxxxxx sshd[5011]: error: PAM: User account has expired for yyyyyy from zzzzzzz
May 7 07:35:07 xxxxxxx sshd[5011]: Failed password for yyyyyyy from zzzzzzz port 50885 ssh2
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug3: start over, passed a different list publickey,password,keyboard-interactive,hostbased
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/wwwwww/.ssh/id_rsa
debug3: no such identity: /home/wwwwwww/.ssh/id_rsa
debug1: Trying private key: /home/wwwwww/.ssh/id_dsa
debug3: no such identity: /home/wwwwww/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug3: packet_send2: adding 32 (len 23 padlen 9 extra_pad 64)
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
yyyyyyy@xxxxxxx's password:
debug3: packet_send2: adding 48 (len 61 padlen 19 extra_pad 64)
debug2: we sent a password packet, wait for reply
Connection closed by zzzzzzzzz
bash-3.00$
# Authentication management
#
login auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
login auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
login auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
su auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
su auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
su auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
dtlogin auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
dtlogin auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
dtaction auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
dtaction auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
dtaction auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
ftp auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
ftp auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
ftp auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
rcomds auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
rcomds auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
rcomds auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
sshd auth required /usr/lib/security/$ISA/libpam_hpsec.so.1
sshd auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
sshd auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
OTHER auth sufficient /usr/lib/security/$ISA/libpam_unix.so.1
OTHER auth required /usr/lib/security/$ISA/libpam_ldap.so.1 try_first_pass
#
# Account management
#
login account required /usr/lib/security/$ISA/libpam_hpsec.so.1
login account required /usr/lib/security/$ISA/libpam_authz.so.1
login account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
login account required /usr/lib/security/$ISA/libpam_ldap.so.1 rcommand
su account required /usr/lib/security/$ISA/libpam_hpsec.so.1
su account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
su account required /usr/lib/security/$ISA/libpam_ldap.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_hpsec.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_authz.so.1
dtlogin account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
dtlogin account required /usr/lib/security/$ISA/libpam_ldap.so.1
dtaction account required /usr/lib/security/$ISA/libpam_hpsec.so.1
dtaction account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
dtaction account required /usr/lib/security/$ISA/libpam_ldap.so.1
ftp account required /usr/lib/security/$ISA/libpam_hpsec.so.1
ftp account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
ftp account required /usr/lib/security/$ISA/libpam_ldap.so.1
rcomds account required /usr/lib/security/$ISA/libpam_hpsec.so.1
rcomds account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
rcomds account required /usr/lib/security/$ISA/libpam_ldap.so.1 rcommand
sshd account required /usr/lib/security/$ISA/libpam_hpsec.so.1
sshd account required /usr/lib/security/$ISA/libpam_authz.so.1
sshd account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
sshd account required /usr/lib/security/$ISA/libpam_ldap.so.1 rcommand
OTHER account required /usr/lib/security/$ISA/libpam_authz.so.1
OTHER account sufficient /usr/lib/security/$ISA/libpam_unix.so.1
OTHER account required /usr/lib/security/$ISA/libpam_ldap.so.1 rcommand
#