[Swan] XAUTH: PAM auth chain failed with '7' on CentOS 7
Remy van Elst
relst at relst.nl
Fri Aug 22 18:50:02 EEST 2014
On 08/22/14 16:57, Paul Wouters wrote:
> On Fri, 22 Aug 2014, Remy van Elst wrote:
>
>>> chpasswd(8) can do that, but the pam method in pluto doesn't run
>>> anything
>>> through crypt (it will leave the password verification to the pam
>>> stack),
>>> and crypt would support the SHA512 type. Is your system-auth
>>> configuration much
>>> different than the RHEL/CentOS default?
>>
>> It is a default CentOS (7) shadow file.
>
> I am confused. Are you trying to use a copy of /etc/shadow as
> /etc/ipsec.d/passwd with xauthby=file? Or are you trying to use system
> authentication with xauthby=pam ?
>
> If the first, did you actually add ":connname" to each line and remove
> the trailing colons?
>
> Paul
I want to use system authentication with xauthby=pam. Not copy the
shadow file.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x1B7F88DC.asc
Type: application/pgp-keys
Size: 1714 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20140822/4e7e86c4/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 538 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20140822/4e7e86c4/attachment.sig>
More information about the Swan
mailing list