[tac_plus] Re: Issue when starting up
Hailu Meng
hailumeng at gmail.com
Thu Feb 18 20:02:46 UTC 2010
Sorry, I forgot to post the log, I just did the comparison again:
Successful login tac_plus log:
Thu Feb 18 13:33:30 2010 [26189]: Reading config
Thu Feb 18 13:33:30 2010 [26189]: Version F4.0.4.19 Initialized 1
Thu Feb 18 13:33:30 2010 [26189]: tac_plus server F4.0.4.19 starting
Thu Feb 18 13:33:30 2010 [26189]: uid=505 euid=505 gid=505 egid=505 s=4
Thu Feb 18 13:33:37 2010 [26189]: session request from 10.1.2.1 sock=5
Thu Feb 18 13:33:37 2010 [26189]: connect from 10.1.2.1 [10.1.2.1]
Thu Feb 18 13:33:37 2010 [26189]: Waiting for packet
Thu Feb 18 13:33:37 2010 [26189]: Read AUTHEN/START size=35
Thu Feb 18 13:33:37 2010 [26189]: validation request from 10.1.2.1
Thu Feb 18 13:33:37 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:37 2010 [26189]: version 192 (0xc0), type 1, seq no 1,
flags 0x1
Thu Feb 18 13:33:37 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 23 (0x17)
Thu Feb 18 13:33:37 2010 [26189]: End header
Thu Feb 18 13:33:37 2010 [26189]: type=AUTHEN/START, priv_lvl = 1
Thu Feb 18 13:33:37 2010 [26189]: action=login
Thu Feb 18 13:33:37 2010 [26189]: authen_type=ascii
Thu Feb 18 13:33:37 2010 [26189]: service=login
Thu Feb 18 13:33:37 2010 [26189]: user_len=0 port_len=4 (0x4),
rem_addr_len=11 (0xb)
Thu Feb 18 13:33:37 2010 [26189]: data_len=0
Thu Feb 18 13:33:37 2010 [26189]: User:
Thu Feb 18 13:33:37 2010 [26189]: port:
Thu Feb 18 13:33:37 2010 [26189]: tty1
Thu Feb 18 13:33:37 2010 [26189]: rem_addr:
Thu Feb 18 13:33:37 2010 [26189]: 10.1.10.1
Thu Feb 18 13:33:37 2010 [26189]: data:
Thu Feb 18 13:33:37 2010 [26189]: End packet
Thu Feb 18 13:33:37 2010 [26189]: Authen Start request
Thu Feb 18 13:33:37 2010 [26189]: choose_authen returns 1
Thu Feb 18 13:33:37 2010 [26189]: Writing AUTHEN/GETUSER size=55
Thu Feb 18 13:33:37 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:37 2010 [26189]: version 192 (0xc0), type 1, seq no 2,
flags 0x1
Thu Feb 18 13:33:37 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 43 (0x2b)
Thu Feb 18 13:33:37 2010 [26189]: End header
Thu Feb 18 13:33:37 2010 [26189]: type=AUTHEN status=4 (AUTHEN/GETUSER)
flags=0x0
Thu Feb 18 13:33:37 2010 [26189]: msg_len=37, data_len=0
Thu Feb 18 13:33:37 2010 [26189]: msg:
Thu Feb 18 13:33:37 2010 [26189]: 0xa User Access Verification 0xa
Thu Feb 18 13:33:37 2010 [26189]: data:
Thu Feb 18 13:33:37 2010 [26189]: End packet
Thu Feb 18 13:33:37 2010 [26189]: Waiting for packet
Thu Feb 18 13:33:39 2010 [26189]: Read AUTHEN/CONT size=23
Thu Feb 18 13:33:39 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:39 2010 [26189]: version 192 (0xc0), type 1, seq no 3,
flags 0x1
Thu Feb 18 13:33:39 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 11 (0xb)
Thu Feb 18 13:33:39 2010 [26189]: End header
Thu Feb 18 13:33:39 2010 [26189]: type=AUTHEN/CONT
Thu Feb 18 13:33:39 2010 [26189]: user_msg_len 6 (0x6), user_data_len 0
(0x0)
Thu Feb 18 13:33:39 2010 [26189]: flags=0x0
Thu Feb 18 13:33:39 2010 [26189]: User msg:
Thu Feb 18 13:33:39 2010 [26189]: *testuser* *<-- Input my username*
Thu Feb 18 13:33:39 2010 [26189]: User data:
Thu Feb 18 13:33:39 2010 [26189]: End packet
Thu Feb 18 13:33:39 2010 [26189]: choose_authen chose default_fn
Thu Feb 18 13:33:39 2010 [26189]: Calling authentication function
Thu Feb 18 13:33:40 2010 [26189]: Writing AUTHEN/GETPASS size=28
Thu Feb 18 13:33:40 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:40 2010 [26189]: version 192 (0xc0), type 1, seq no 4,
flags 0x1
Thu Feb 18 13:33:40 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 16 (0x10)
Thu Feb 18 13:33:40 2010 [26189]: End header
Thu Feb 18 13:33:40 2010 [26189]: type=AUTHEN status=5 (AUTHEN/GETPASS)
flags=0x1
Thu Feb 18 13:33:40 2010 [26189]: msg_len=10, data_len=0
Thu Feb 18 13:33:40 2010 [26189]: msg:
Thu Feb 18 13:33:40 2010 [26189]: Password:
Thu Feb 18 13:33:40 2010 [26189]: data:
Thu Feb 18 13:33:40 2010 [26189]: End packet
Thu Feb 18 13:33:40 2010 [26189]: Waiting for packet
Thu Feb 18 13:33:46 2010 [26189]: Read AUTHEN/CONT size=28
Thu Feb 18 13:33:46 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:46 2010 [26189]: version 192 (0xc0), type 1, seq no 5,
flags 0x1
Thu Feb 18 13:33:46 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 16 (0x10)
Thu Feb 18 13:33:46 2010 [26189]: End header
Thu Feb 18 13:33:46 2010 [26189]: type=AUTHEN/CONT
Thu Feb 18 13:33:46 2010 [26189]: user_msg_len 11 (0xb), user_data_len 0
(0x0)
Thu Feb 18 13:33:46 2010 [26189]: flags=0x0
Thu Feb 18 13:33:46 2010 [26189]: User msg:
Thu Feb 18 13:33:46 2010 [26189]: *mypassword* *<-- Input my password*
Thu Feb 18 13:33:46 2010 [26189]: User data:
Thu Feb 18 13:33:46 2010 [26189]: End packet
Thu Feb 18 13:33:46 2010 [26189]: *login query for 'testuser' tty1 from
10.1.69.89 accepted* *<-- Succeeded*
Thu Feb 18 13:33:46 2010 [26189]: Writing AUTHEN/SUCCEED size=18
Thu Feb 18 13:33:46 2010 [26189]: PACKET: key=mykey
Thu Feb 18 13:33:46 2010 [26189]: version 192 (0xc0), type 1, seq no 6,
flags 0x1
Thu Feb 18 13:33:46 2010 [26189]: session_id 1034326774 (0x3da692f6), Data
length 6 (0x6)
Thu Feb 18 13:33:46 2010 [26189]: End header
Thu Feb 18 13:33:46 2010 [26189]: type=AUTHEN status=1 (AUTHEN/SUCCEED)
flags=0x0
Thu Feb 18 13:33:46 2010 [26189]: msg_len=0, data_len=0
Thu Feb 18 13:33:46 2010 [26189]: msg:
Thu Feb 18 13:33:46 2010 [26189]: data:
Thu Feb 18 13:33:46 2010 [26189]: End packet
Thu Feb 18 13:33:46 2010 [26189]: 10.1.2.1: disconnect
Unsuccessful login:
Thu Feb 18 13:42:14 2010 [27114]: Reading config
Thu Feb 18 13:42:14 2010 [27114]: Version F4.0.4.19 Initialized 1
Thu Feb 18 13:42:14 2010 [27114]: tac_plus server F4.0.4.19 starting
Thu Feb 18 13:42:14 2010 [27115]: *Backgrounded*
Thu Feb 18 13:42:14 2010 [27116]: uid=505 euid=505 gid=505 egid=505 s=0
Thu Feb 18 13:42:17 2010 [27116]: session request from 10.1.2.1 sock=2
Thu Feb 18 13:42:17 2010 [27117]: connect from 10.1.2.1 [10.1.2.1]
Thu Feb 18 13:42:17 2010 [27117]: Waiting for packet
Thu Feb 18 13:42:17 2010 [27117]: Read AUTHEN/START size=35
Thu Feb 18 13:42:17 2010 [27117]: validation request from 10.1.2.1
Thu Feb 18 13:42:17 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:17 2010 [27117]: version 192 (0xc0), type 1, seq no 1,
flags 0x1
Thu Feb 18 13:42:17 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 23 (0x17)
Thu Feb 18 13:42:17 2010 [27117]: End header
Thu Feb 18 13:42:17 2010 [27117]: type=AUTHEN/START, priv_lvl = 1
Thu Feb 18 13:42:17 2010 [27117]: action=login
Thu Feb 18 13:42:17 2010 [27117]: authen_type=ascii
Thu Feb 18 13:42:17 2010 [27117]: service=login
Thu Feb 18 13:42:17 2010 [27117]: user_len=0 port_len=4 (0x4),
rem_addr_len=11 (0xb)
Thu Feb 18 13:42:17 2010 [27117]: data_len=0
Thu Feb 18 13:42:17 2010 [27117]: User:
Thu Feb 18 13:42:17 2010 [27117]: port:
Thu Feb 18 13:42:17 2010 [27117]: tty1
Thu Feb 18 13:42:17 2010 [27117]: rem_addr:
Thu Feb 18 13:42:17 2010 [27117]: 10.1.10.1
Thu Feb 18 13:42:17 2010 [27117]: data:
Thu Feb 18 13:42:17 2010 [27117]: End packet
Thu Feb 18 13:42:17 2010 [27117]: Authen Start request
Thu Feb 18 13:42:17 2010 [27117]: choose_authen returns 1
Thu Feb 18 13:42:17 2010 [27117]: Writing AUTHEN/GETUSER size=55
Thu Feb 18 13:42:17 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:17 2010 [27117]: version 192 (0xc0), type 1, seq no 2,
flags 0x1
Thu Feb 18 13:42:17 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 43 (0x2b)
Thu Feb 18 13:42:17 2010 [27117]: End header
Thu Feb 18 13:42:17 2010 [27117]: type=AUTHEN status=4 (AUTHEN/GETUSER)
flags=0x0
Thu Feb 18 13:42:17 2010 [27117]: msg_len=37, data_len=0
Thu Feb 18 13:42:17 2010 [27117]: msg:
Thu Feb 18 13:42:17 2010 [27117]: 0xa User Access Verification 0xa
Thu Feb 18 13:42:17 2010 [27117]: data:
Thu Feb 18 13:42:17 2010 [27117]: End packet
Thu Feb 18 13:42:17 2010 [27117]: Waiting for packet
Thu Feb 18 13:42:18 2010 [27117]: Read AUTHEN/CONT size=23
Thu Feb 18 13:42:18 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:18 2010 [27117]: version 192 (0xc0), type 1, seq no 3,
flags 0x1
Thu Feb 18 13:42:18 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 11 (0xb)
Thu Feb 18 13:42:18 2010 [27117]: End header
Thu Feb 18 13:42:18 2010 [27117]: type=AUTHEN/CONT
Thu Feb 18 13:42:18 2010 [27117]: user_msg_len 6 (0x6), user_data_len 0
(0x0)
Thu Feb 18 13:42:18 2010 [27117]: flags=0x0
Thu Feb 18 13:42:18 2010 [27117]: User msg:
Thu Feb 18 13:42:18 2010 [27117]: *testuser* *<-- Input my username*
Thu Feb 18 13:42:18 2010 [27117]: User data:
Thu Feb 18 13:42:18 2010 [27117]: End packet
Thu Feb 18 13:42:18 2010 [27117]: choose_authen chose default_fn
Thu Feb 18 13:42:18 2010 [27117]: Calling authentication function
Thu Feb 18 13:42:18 2010 [27117]: Writing AUTHEN/GETPASS size=28
Thu Feb 18 13:42:18 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:18 2010 [27117]: version 192 (0xc0), type 1, seq no 4,
flags 0x1
Thu Feb 18 13:42:18 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 16 (0x10)
Thu Feb 18 13:42:18 2010 [27117]: End header
Thu Feb 18 13:42:18 2010 [27117]: type=AUTHEN status=5 (AUTHEN/GETPASS)
flags=0x1
Thu Feb 18 13:42:18 2010 [27117]: msg_len=10, data_len=0
Thu Feb 18 13:42:18 2010 [27117]: msg:
Thu Feb 18 13:42:18 2010 [27117]: Password:
Thu Feb 18 13:42:18 2010 [27117]: data:
Thu Feb 18 13:42:18 2010 [27117]: End packet
Thu Feb 18 13:42:18 2010 [27117]: Waiting for packet
Thu Feb 18 13:42:22 2010 [27117]: Read AUTHEN/CONT size=28
Thu Feb 18 13:42:22 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:22 2010 [27117]: version 192 (0xc0), type 1, seq no 5,
flags 0x1
Thu Feb 18 13:42:22 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 16 (0x10)
Thu Feb 18 13:42:22 2010 [27117]: End header
Thu Feb 18 13:42:22 2010 [27117]: type=AUTHEN/CONT
Thu Feb 18 13:42:22 2010 [27117]: user_msg_len 11 (0xb), user_data_len 0
(0x0)
Thu Feb 18 13:42:22 2010 [27117]: flags=0x0
Thu Feb 18 13:42:22 2010 [27117]: User msg:
Thu Feb 18 13:42:22 2010 [27117]: *mypassword* *<-- Input my password*
Thu Feb 18 13:42:22 2010 [27117]: User data:
Thu Feb 18 13:42:22 2010 [27117]: End packet
Thu Feb 18 13:42:22 2010 [27117]: *login query for 'hxmeng' tty1 from
10.1.2.1 accepted* *<-- Succeeded*
Thu Feb 18 13:42:22 2010 [27117]: Writing AUTHEN/SUCCEED size=18
Thu Feb 18 13:42:22 2010 [27117]: PACKET: key=mykey
Thu Feb 18 13:42:22 2010 [27117]: version 192 (0xc0), type 1, seq no 6,
flags 0x1
Thu Feb 18 13:42:22 2010 [27117]: session_id 3918696952 (0xe99291f8), Data
length 6 (0x6)
Thu Feb 18 13:42:22 2010 [27117]: End header
Thu Feb 18 13:42:22 2010 [27117]: type=AUTHEN status=1 (AUTHEN/SUCCEED)
flags=0x0
Thu Feb 18 13:42:22 2010 [27117]: msg_len=0, data_len=0
Thu Feb 18 13:42:22 2010 [27117]: msg:
Thu Feb 18 13:42:22 2010 [27117]: data:
Thu Feb 18 13:42:22 2010 [27117]: End packet
Thu Feb 18 13:42:22 2010 [27117]: 10.1.2.1: disconnect
*<------ This above is the same as successful one, from here, I got another
"Password" Prompt asking for password*. *Even I input my correct password
for the 2nd time, it just doesn't allow me in*.* I also tried wrong password
for the first time password input on purpose, I did get rejected message
like "login query for 'testuser' tty1 from 10.1.2.1 rejected"*
Thu Feb 18 13:42:28 2010 [27116]: session request from 10.1.2.1 sock=2
Thu Feb 18 13:42:28 2010 [27135]: connect from 10.1.2.1 [10.1.2.1]
Thu Feb 18 13:42:28 2010 [27135]: Waiting for packet
Thu Feb 18 13:42:28 2010 [27135]: Read AUTHEN/START size=35
Thu Feb 18 13:42:28 2010 [27135]: validation request from 10.1.2.1
Thu Feb 18 13:42:28 2010 [27135]: PACKET: key=mykey
Thu Feb 18 13:42:28 2010 [27135]: version 192 (0xc0), type 1, seq no 1,
flags 0x1
Thu Feb 18 13:42:28 2010 [27135]: session_id 3154815253 (0xbc0aa915), Data
length 23 (0x17)
Thu Feb 18 13:42:28 2010 [27135]: End header
Thu Feb 18 13:42:28 2010 [27135]: type=AUTHEN/START, priv_lvl = 1
Thu Feb 18 13:42:28 2010 [27135]: action=login
Thu Feb 18 13:42:28 2010 [27135]: authen_type=ascii
Thu Feb 18 13:42:28 2010 [27135]: service=login
Thu Feb 18 13:42:28 2010 [27135]: user_len=0 port_len=4 (0x4),
rem_addr_len=11 (0xb)
Thu Feb 18 13:42:28 2010 [27135]: data_len=0
Thu Feb 18 13:42:28 2010 [27135]: User:
Thu Feb 18 13:42:28 2010 [27135]: port:
Thu Feb 18 13:42:28 2010 [27135]: tty1
Thu Feb 18 13:42:28 2010 [27135]: rem_addr:
Thu Feb 18 13:42:28 2010 [27135]: 10.1.10.1
Thu Feb 18 13:42:28 2010 [27135]: data:
Thu Feb 18 13:42:28 2010 [27135]: End packet
Thu Feb 18 13:42:28 2010 [27135]: Authen Start request
Thu Feb 18 13:42:28 2010 [27135]: choose_authen returns 1
Thu Feb 18 13:42:28 2010 [27135]: Writing AUTHEN/GETUSER size=55
Thu Feb 18 13:42:28 2010 [27135]: PACKET: key=mykey
Thu Feb 18 13:42:28 2010 [27135]: version 192 (0xc0), type 1, seq no 2,
flags 0x1
Thu Feb 18 13:42:28 2010 [27135]: session_id 3154815253 (0xbc0aa915), Data
length 43 (0x2b)
Thu Feb 18 13:42:28 2010 [27135]: End header
Thu Feb 18 13:42:28 2010 [27135]: type=AUTHEN status=4 (AUTHEN/GETUSER)
flags=0x0
Thu Feb 18 13:42:28 2010 [27135]: msg_len=37, data_len=0
Thu Feb 18 13:42:28 2010 [27135]: msg:
Thu Feb 18 13:42:28 2010 [27135]: 0xa User Access Verification 0xa
Thu Feb 18 13:42:28 2010 [27135]: data:
Thu Feb 18 13:42:28 2010 [27135]: End packet
Thu Feb 18 13:42:28 2010 [27135]: Waiting for packet
So weird thing is why it accepted my login but ask for password again.
Background and foreground can give this difference. It's really weird.
Thanks John for the help.
Lou
On Thu, Feb 18, 2010 at 1:21 PM, john heasley <heas at shrubbery.net> wrote:
> Thu, Feb 18, 2010 at 12:02:20PM -0600, Hailu Meng:
> > Thanks John. I tried to debug aaa information in my switch. I deleted the
> > authorization and accounting setup in my switch trying to make thing
> simple.
> > Here is my current setup in swtich:
> > aaa new-model
> > aaa authentication login default group tacacs+ line
> > aaa authentication enable default group tacacs+ enable
> >
> > Very simple one.
> >
> > And I compared the successful and unsuccessful login debug here. I also
> > checked my Active Directory server, the events there are totally same for
> > successful and unsuccessful login.
> >
> > Successful login:
> > Feb 18 11:21:30.813 CST: tty1 AAA/DISC: 1/"User Request"
> > Feb 18 11:21:30.817 CST: tty1 AAA/DISC/EXT: 1020/"User Request"
> > Feb 18 11:21:30.817 CST: tty1 AAA/DISC: 9/"NAS Error"
> > Feb 18 11:21:30.817 CST: tty1 AAA/DISC/EXT: 1002/"Unknown"
> > Feb 18 11:21:30.817 CST: AAA/MEMORY: free_user (0x80CF5BDC) user=''
> ruser=''
> > port='tty1' rem_addr='10.1.10.1' authen_type=ASCII service=LOGIN priv=1
> >
> > Unsuccessful login:
> > Feb 18 11:47:45.392 CST: tty1 AAA/DISC: 1/"User Request"
> > Feb 18 11:47:45.392 CST: tty1 AAA/DISC/EXT: 1020/"User Request"
> > Feb 18 11:47:45.392 CST: tty1 AAA/DISC: 9/"NAS Error"
> > Feb 18 11:47:45.396 CST: tty1 AAA/DISC/EXT: 1002/"Unknown"
> > Feb 18 11:47:45.396 CST: AAA/MEMORY: free_user (0x80CEAC74)
> user='testuser'
> > ruser='' port='tty1' rem_addr='10.1.10.1' authen_type=ASCII service=LOGIN
> > priv=1
> > Feb 18 11:48:00.248 CST: AAA: parse name=tty1 idb type=-1 tty=-1
> > Feb 18 11:48:00.248 CST: AAA: name=tty1 flags=0x11 type=5 shelf=0 slot=0
> > adapter=0 port=1 channel=0
> > Feb 18 11:48:00.248 CST: AAA/MEMORY: create_user (0x80D7FC00) user=''
> > ruser='' port='tty1' rem_addr='10.1.10.1' authen_type=ASCII service=LOGIN
> > priv=1
> >
> >
> > The difference here is when the successful login happens, the "user" name
> is
> > empty but unsuccessful login has real user name "testuser" value. This
> > sounds weird to me. Total opposite to my thinking. I did several
> > comparisons. All same log.
>
> what was in the tac_plus packet log (-d 256) ?
>
> > I just wonder why background and foreground has this difference. In
> > addition, not sure "NAS error" is a problem or not. It exists in
> successful
> > login too.
> >
> > Thanks for your help. Really appreciated.
> >
> > Lou
> >
> > On Thu, Feb 18, 2010 at 12:16 AM, john heasley <heas at shrubbery.net>
> wrote:
> >
> > > Wed, Feb 17, 2010 at 04:16:04PM -0600, Hailu Meng:
> > > > Hi All,
> > > >
> > > > I have been running tac_plus in my redhat for couple of months. And I
> > > always
> > > > run it as "tac_plus -C /etc/tac_plus.conf -t -d 120 -g" at
> frontground.
> > > > Right now I try to setup a service for tac_plus and run as a daemon.
> But
> > > > when I tried to run
> > > > "tac_plus -C /etc/tac_plus.conf -t -d 120", I can't login my cisco
> > > switch.
> > > > It still ask me for username. but it won't accept my password. The
> log
> > > > shows:
> > > >
> > > > Wed Feb 17 15:44:44 2010 [25229]: Reading config
> > > > Wed Feb 17 15:44:44 2010 [25229]: Version F4.0.4.19 Initialized 1
> > > > Wed Feb 17 15:44:44 2010 [25229]: tac_plus server F4.0.4.19 starting
> > > > Wed Feb 17 15:44:44 2010 [25230]: Backgrounded
> > > > Wed Feb 17 15:44:44 2010 [25231]: uid=505 euid=505 gid=505 egid=505
> s=0
> > > > Wed Feb 17 15:44:54 2010 [25231]: session.peerip is 10.1.1.10
> > > > Wed Feb 17 15:44:54 2010 [25234]: connect from 10.1.1.10 [10.1.1.10]
> > > > Wed Feb 17 15:44:55 2010 [25234]: pam_verify username
> > > > Wed Feb 17 15:44:55 2010 [25234]: pam_tacacs received 1 pam_messages
> > > > Wed Feb 17 15:44:55 2010 [25234]: Error 10.1.1.10 tty1:
> > > PAM_PROMPT_ECHO_OFF
> > > > Wed Feb 17 15:44:59 2010 [25234]: pam_verify returns 1
> > > > Wed Feb 17 15:44:59 2010 [25234]: Password has not expired <no expiry
> > > date
> > > > set>
> > > > Wed Feb 17 15:44:59 2010 [25234]: login query for 'username' tty1
> from
> > > > 10.1.1.10 accepted
> > > > Wed Feb 17 15:45:05 2010 [25231]: session.peerip is 10.1.1.10
> > > > Wed Feb 17 15:45:05 2010 [25238]: connect from 10.1.1.10 [10.1.1.10]
> > > >
> > > > After the above log, the switch pop up "Password" again asking me for
> the
> > > > password. I compared the normal log. It is same with the above.
> Wondering
> > > > why it already accepted but still keep asking me the password.
> > > >
> > > > Does anyone have idea about this?
> > >
> > > you might try -d 256 and verify that the config on the device is
> correct.
> > > also inspect the syslog for messages from the device.
> > >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20100218/958a4aad/attachment.html
More information about the tac_plus
mailing list