[Swan] XAUTH: PAM auth chain failed with '7' on CentOS 7
Nels Lindquist
nlindq at maei.ca
Tue Aug 26 17:46:55 EEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 8/21/2014 2:48 PM, Paul Wouters wrote:
> Is your /etc/ipsec.d/passwd marked with the proper connection ?
>
> Note that Matt might be right about the crypt() call, although it
> is odd. But you can try using htpasswd -d to generate crypt()
> passwords.
Without having previously read this thread (though I have now), in an
attempt to bypass the issues I'm having with Windows IPSEC/L2TP I
independently tried the Shrewsoft client and can confirm this issue is
happening for me on CentOS 6. Using file XAUTH doesn't work unless I
use crypt hashing in /etc/ipsec.d/passwd (I first tried SHA and MD5 to
no avail).
PAM authentication also fails, with the same error Pontus was
reporting. I tried adding the /etc/pam.d/pluto line as Paul
suggested, but it made no difference.
Not sure if this is helpful, but at least we know the issue isn't
unique to RHEL7. Test boxes are up and running, so please let me know
if any additional logs/config tweaking would be helpful for
troubleshooting.
- --
Nels Lindquist
<nlindq at maei.ca>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
iEYEARECAAYFAlP8nd0ACgkQh6z5POoOLgTIKACgieaoLvu+TjpXbpMLFEUtad4x
ZiYAn2Sfhm+u0j3fCm05oykSFDn9atag
=NSSI
-----END PGP SIGNATURE-----
More information about the Swan
mailing list