[Swan-dev] _parse_pam_auth_rsp: AUTH FAILURE
Balaji Thoguluva
tbbalaji at gmail.com
Sun Nov 29 22:07:24 UTC 2020
Hi Folks,
I am using Linux Libreswan 3.25 (netkey) on 4.14.35.
I have a configuration.
conn tacacspsk
ikev2=yes
left=10.196.175.174
leftsubnet=10.196.175.174/32
leftprotoport=17/1812
right=10.196.176.11
rightsubnet=10.196.176.11/32
rightprotoport=17/1812
auto=ondemand
ike=aes256-sha256;dh14
phase2=esp
phase2alg=aes256-sha1;modp2048
pfs=yes
authby=secret
type=tunnel
esn=no
rekey=yes
salifetime=300s
ikelifetime=3600s
dpddelay=30s
dpdtimeout=60s
dpdaction=restart
The very first time, IKEv2/IPsec tunnel gets established correctly. I
establish the tunnel by triggering a RADIUS packet matching the above
parameters and this packet triggers the tunnel from Libreswan to the other
end.
Now I tear down the tunnel from the other end and I verified there is no
tunnel/SA's in Libreswan. Now if I again attempt to establish the same
tunnel by triggering the RADIUS packet, then the tunnel attempt from
Libreswan fails. No IKE packets sent out from Libreswan.
Please see attached the full logs of pluto.
I see authentication failure in the PAM module. Not sure if it is the cause
of the problem.
2020-11-29T21:29:28.984406+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): pam_sm_authenticate: started
2020-11-29T21:29:28.984415+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): pam_sm_authenticate: username is [balaji]
2020-11-29T21:29:28.984420+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): pam_sm_authenticate: proxy path is: /tmp/authd-proxy
2020-11-29T21:29:28.984445+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _init_auth_data: PAM_RHOST is: 10.196.0.95:37094
2020-11-29T21:29:28.984458+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _init_auth_data: extracted remote_ip: 10.196.0.95
2020-11-29T21:29:28.984468+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _init_auth_data: extracted remote_port: 37094
2020-11-29T21:29:28.984473+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): pam_sm_authenticate: sending AUTHP_PAM_START_REQ to
fd{7}
2020-11-29T21:29:28.984482+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _send_pam_start_req: sent message to fd{7}
2020-11-29T21:29:28.984780+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: parsing message
2020-11-29T21:29:28.984791+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: extracted status: SUCCESS
2020-11-29T21:29:28.984796+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: matched user: balaji
2020-11-29T21:29:28.984801+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: matched ip: 10.196.0.95
2020-11-29T21:29:28.984806+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: matched port: 37094
2020-11-29T21:29:28.984811+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: extracted auth-type: 2 for
user: balaji
2020-11-29T21:29:28.984817+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: extracted login-mode: 1 for
user: balaji
2020-11-29T21:29:28.984822+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_start_rsp: extracted jitc-mode: NONE for
user: balaji
2020-11-29T21:29:31.375130+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _get_user_input: conversation complete
2020-11-29T21:29:31.375148+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _send_pam_auth_req: sent message to fd{7}
2020-11-29T21:29:47.387081+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: parsing message
2020-11-29T21:29:47.387092+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: AUTH FAILURE
2020-11-29T21:29:47.387095+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: matched user: balaji
2020-11-29T21:29:47.387098+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: matched ip: 10.196.0.95
2020-11-29T21:29:47.387102+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: matched port: 37094
2020-11-29T21:29:47.387105+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: extracted action: 2
2020-11-29T21:29:47.387108+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): _parse_pam_auth_rsp: extracted errcode: 0
2020-11-29T21:29:47.387110+00:00 [localhost] sshd[3391]:
pam_authp(sshd:auth): pam_sm_authenticate: AUTHENTICATION FAILED
Any idea on what is going wrong?
Thanks,
Balaji
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20201129/b049c7f7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: auth.log
Type: application/octet-stream
Size: 67952 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20201129/b049c7f7/attachment-0001.obj>
More information about the Swan-dev
mailing list