[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Pam-list Digest, Vol 38, Issue 6

From: Nick Owen <nowen wikidsystems com>
To: Pluggable Authentication Modules <pam-list redhat com>
Subject: Re: Pam-list Digest, Vol 38, Issue 6
Date: Mon, 16 Apr 2007 17:42:31 -0400

> Mon Apr 16 17:31:11 2007 [26137]: db_get_host: getting hkey from nas(IP)
> Mon Apr 16 17:31:11 2007 [26137]: Error verify: failed - could not
> authenticate for user 'root' on NAS 'IP'
> Mon Apr 16 17:31:11 2007 [26137]: default_fn: pap-login query for 'root'
> ssh from IP rejected

Looks like your server is expecting a pap login, which, IIRC, is
unencrypted.  I suggest trying to remove chap on the client (removing
the "secret=MySecret encrypt" ") or enabling Chap on the server.
Obviously, the latter is better.  I haven't played with the tacacs in a
while, though and I could be way off base.

HTH,

Nick
-- 
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
https://www.linkedin.com/in/nickowen

References:
- Re: Pam-list Digest, Vol 38, Issue 6
  - From: Andreas Schindler
- Re: Pam-list Digest, Vol 38, Issue 6
  - From: Roberto Dud

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]