- cat common-auth-access
- ========================
- #
- # /etc/pam.d/common-auth - authentication settings common to all services
- #
- # This file is included from other service-specific PAM config files,
- # and should contain a list of the authentication modules that define
- # the central authentication scheme for use on the system
- # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
- # traditional Unix authentication mechanisms.
- # here are the per-package modules (the "Primary" block)
- auth [success=2 default=ignore] /usr/lib/security/libpam_tacplus.so debug server=192.168.1.10 secret=tac_test namespace=/var/run/netns/swns source_ip=192.168.1.21
- auth [success=1 default=ignore] pam_unix.so nullok
- # here's the fallback if no module succeeds
- auth requisite pam_deny.so
- # prime the stack with a positive return value if there isn't one already;
- # this avoids us returning an error just because nothing sets a success code
- # since the modules above will each just jump around
- auth required pam_permit.so
- # and here are more per-package modules (the "Additional" block)
- root@-as5712:/etc/pam.d#
- Switching Namespace to swns
- ===========================
- 2016-08-19T21:22:44.710+00:00 sshd[1644]: pam_sm_authenticate: called (pam_tacplus v1.3.8)
- 2016-08-19T21:22:44.710+00:00 sshd[1644]: pam_sm_authenticate: user [user1] obtained
- 2016-08-19T21:22:44.710+00:00 sshd[1644]: tacacs_get_password: called
- 2016-08-19T21:22:44.711+00:00 sshd[1644]: tacacs_get_password: obtained password
- 2016-08-19T21:22:44.711+00:00 sshd[1644]: pam_sm_authenticate: password obtained
- 2016-08-19T21:22:44.711+00:00 sshd[1644]: pam_sm_authenticate: tty [ssh] obtained
- 2016-08-19T21:22:44.711+00:00 sshd[1644]: pam_sm_authenticate: rhost [192.168.1.10] obtained
- 2016-08-19T21:22:44.712+00:00 sshd[1644]: namespace = /var/run/netns/swns, source_ip = , len = 19
- 2016-08-19T21:22:44.712+00:00 PAM-tacplus[1644]: switched to namespace '/var/run/netns/swns' <<<<
- 2016-08-19T21:22:44.712+00:00 sshd[1644]: pam_sm_authenticate: trying srv 0
- Switching Namespace to VRF red
- ================================
- 2016-08-19T21:45:46.145+00:00 PAM-tacplus[4883]: 1 servers defined
- 2016-08-19T21:45:46.145+00:00 PAM-tacplus[4883]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:45:46.146+00:00 PAM-tacplus[4883]: tac_service=''
- 2016-08-19T21:45:46.146+00:00 PAM-tacplus[4883]: tac_protocol=''
- 2016-08-19T21:45:46.146+00:00 PAM-tacplus[4883]: tac_prompt=''
- 2016-08-19T21:45:46.146+00:00 PAM-tacplus[4883]: tac_login=''
- 2016-08-19T21:45:46.147+00:00 PAM-tacplus[4883]: tac_namespace='/var/run/netns/6af57d96-6469-446e-82cd-47febacf7d6e'
- 2016-08-19T21:45:46.147+00:00 PAM-tacplus[4883]: tac_source_ip=''
- 2016-08-19T21:45:46.147+00:00 sshd[4883]: pam_sm_authenticate: called (pam_tacplus v1.3.8)
- 2016-08-19T21:45:46.148+00:00 sshd[4883]: pam_sm_authenticate: user [user1] obtained
- 2016-08-19T21:45:46.148+00:00 sshd[4883]: tacacs_get_password: called
- 2016-08-19T21:45:46.149+00:00 sshd[4883]: tacacs_get_password: obtained password
- 2016-08-19T21:45:46.149+00:00 sshd[4883]: pam_sm_authenticate: password obtained
- 2016-08-19T21:45:46.149+00:00 sshd[4883]: pam_sm_authenticate: tty [ssh] obtained
- 2016-08-19T21:45:46.149+00:00 sshd[4883]: pam_sm_authenticate: rhost [192.168.1.10] obtained
- 2016-08-19T21:45:46.150+00:00 sshd[4883]: namespace = /var/run/netns/6af57d96-6469-446e-82cd-47febacf7d6e, source_ip = , len = 51
- 2016-08-19T21:45:46.150+00:00 PAM-tacplus[4883]: switched to namespace '/var/run/netns/6af57d96-6469-446e-82cd-47febacf7d6e'
- 2016-08-19T21:45:46.150+00:00 sshd[4883]: pam_sm_authenticate: trying srv 0
- 2016-08-19T21:45:46.151+00:00 sshd[4883]: tacacs status: TAC_PLUS_AUTHEN_STATUS_PASS
- 2016-08-19T21:45:46.151+00:00 sshd[4883]: pam_sm_authenticate: active srv 0
- 2016-08-19T21:45:46.152+00:00 sshd[4883]: pam_sm_authenticate: exit with pam status: 0
- 2016-08-19T21:45:46.152+00:00 sshd[4883]: Accepted password for user1 from 192.168.1.10 port 43727 ssh2
- 2016-08-19T21:45:46.152+00:00 PAM-tacplus[4883]: 1 servers defined
- 2016-08-19T21:45:46.153+00:00 PAM-tacplus[4883]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:45:46.153+00:00 PAM-tacplus[4883]: tac_service=''
- 2016-08-19T21:45:46.153+00:00 PAM-tacplus[4883]: tac_protocol=''
- 2016-08-19T21:45:46.154+00:00 PAM-tacplus[4883]: tac_prompt=''
- 2016-08-19T21:45:46.154+00:00 PAM-tacplus[4883]: tac_login=''
- 2016-08-19T21:45:46.155+00:00 PAM-tacplus[4883]: tac_namespace='/var/run/netns/6af57d96-6469-446e-82cd-47febacf7d6e'
- 2016-08-19T21:45:46.155+00:00 PAM-tacplus[4883]: tac_source_ip=''
- 2016-08-19T21:45:46.155+00:00 sshd[4883]: pam_sm_setcred: called (pam_tacplus v1.3.8)
- 2016-08-19T21:45:46.155+00:00 sshd[4883]: pam_unix(sshd:session): session opened for user user1 by (uid=0)
- 2016-08-19T21:45:46.293+00:00 systemd-logind[232]: New session c6 of user user1.
- 2016-08-19T21:45:46.296+00:00 systemd: pam_unix(systemd-user:session): session opened for user user1 by (uid=0)
- 2016-08-19T21:45:46.327+00:00 PAM-tacplus[4902]: 1 servers defined
- 2016-08-19T21:45:46.327+00:00 PAM-tacplus[4902]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:45:46.327+00:00 PAM-tacplus[4902]: tac_service=''
- 2016-08-19T21:45:46.328+00:00 PAM-tacplus[4902]: tac_protocol=''
- 2016-08-19T21:45:46.328+00:00 PAM-tacplus[4902]: tac_prompt=''
- 2016-08-19T21:45:46.328+00:00 PAM-tacplus[4902]: tac_login=''
- 2016-08-19T21:45:46.328+00:00 PAM-tacplus[4902]: tac_namespace='/var/run/netns/6af57d96-6469-446e-82cd-47febacf7d6e'
- 2016-08-19T21:45:46.329+00:00 PAM-tacplus[4902]: tac_source_ip=''
- 2016-08-19T21:45:46.329+00:00 sshd[4902]: pam_sm_setcred: called (pam_tacplus v1.3.8)
- Binding source IP address
- ==========================
- 2016-08-19T21:30:36.556+00:00 PAM-tacplus[2770]: 1 servers defined
- 2016-08-19T21:30:36.556+00:00 PAM-tacplus[2770]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:30:36.556+00:00 PAM-tacplus[2770]: tac_service=''
- 2016-08-19T21:30:36.557+00:00 PAM-tacplus[2770]: tac_protocol=''
- 2016-08-19T21:30:36.557+00:00 PAM-tacplus[2770]: tac_prompt=''
- 2016-08-19T21:30:36.557+00:00 PAM-tacplus[2770]: tac_login=''
- 2016-08-19T21:30:36.558+00:00 PAM-tacplus[2770]: tac_namespace=''
- 2016-08-19T21:30:36.558+00:00 PAM-tacplus[2770]: tac_source_ip='192.168.1.21'
- 2016-08-19T21:30:36.558+00:00 sshd[2770]: pam_sm_authenticate: called (pam_tacplus v1.3.8)
- 2016-08-19T21:30:36.558+00:00 sshd[2770]: pam_sm_authenticate: user [user1] obtained
- 2016-08-19T21:30:36.559+00:00 sshd[2770]: tacacs_get_password: called
- 2016-08-19T21:30:36.559+00:00 sshd[2770]: tacacs_get_password: obtained password
- 2016-08-19T21:30:36.560+00:00 sshd[2770]: pam_sm_authenticate: password obtained
- 2016-08-19T21:30:36.560+00:00 sshd[2770]: pam_sm_authenticate: tty [ssh] obtained
- 2016-08-19T21:30:36.560+00:00 sshd[2770]: pam_sm_authenticate: rhost [192.168.1.10] obtained
- 2016-08-19T21:30:36.560+00:00 sshd[2770]: namespace = , source_ip = 192.168.1.21, len = 0 <<<<<<
- 2016-08-19T21:30:36.561+00:00 sshd[2770]: pam_sm_authenticate: trying srv 0
- 2016-08-19T21:30:36.561+00:00 sshd[2770]: tac_connect_single: Failed to bind source address: Cannot assign requested address
- 2016-08-19T21:30:36.561+00:00 PAM-tacplus[2770]: connection failed srv 0: Cannot assign requested address
- 2016-08-19T21:30:36.562+00:00 PAM-tacplus[2770]: no more servers to connect
- 2016-08-19T21:30:36.562+00:00 sshd[2770]: pam_sm_authenticate: exit with pam status: 9
- 2016-08-19T21:30:39.121+00:00 sshd[2770]: Failed password for user1 from 192.168.1.10 port 35661 ssh2
- 2016-08-19T21:32:03.518+00:00 sshd[2976]: namespace = , source_ip = 192.168.1.21, len = 0
- 2016-08-19T21:32:03.518+00:00 sshd[2976]: pam_sm_authenticate: trying srv 0
- 2016-08-19T21:32:03.519+00:00 sshd[2976]: tacacs status: TAC_PLUS_AUTHEN_STATUS_PASS
- 2016-08-19T21:32:03.519+00:00 sshd[2976]: pam_sm_authenticate: active srv 0
- 2016-08-19T21:32:03.519+00:00 sshd[2976]: pam_sm_authenticate: exit with pam status: 0
- 2016-08-19T21:32:03.519+00:00 sshd[2976]: Accepted password for user1 from 192.168.1.10 port 35662 ssh2
- 2016-08-19T21:32:03.520+00:00 PAM-tacplus[2976]: 1 servers defined
- 2016-08-19T21:32:03.520+00:00 PAM-tacplus[2976]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:32:03.521+00:00 PAM-tacplus[2976]: tac_service=''
- 2016-08-19T21:32:03.521+00:00 PAM-tacplus[2976]: tac_protocol=''
- 2016-08-19T21:32:03.521+00:00 PAM-tacplus[2976]: tac_prompt=''
- 2016-08-19T21:32:03.522+00:00 PAM-tacplus[2976]: tac_login=''
- 2016-08-19T21:32:03.522+00:00 PAM-tacplus[2976]: tac_namespace=''
- 2016-08-19T21:32:03.522+00:00 PAM-tacplus[2976]: tac_source_ip='192.168.1.21'
- 2016-08-19T21:32:03.523+00:00 sshd[2976]: pam_sm_setcred: called (pam_tacplus v1.3.8)
- 2016-08-19T21:32:03.523+00:00 sshd[2976]: pam_unix(sshd:session): session opened for user user1 by (uid=0)
- 2016-08-19T21:32:03.660+00:00 systemd: pam_unix(systemd-user:session): session opened for user user1 by (uid=0)
- 2016-08-19T21:32:03.661+00:00 systemd-logind[232]: New session c5 of user user1.
- 2016-08-19T21:32:03.679+00:00 PAM-tacplus[2993]: 1 servers defined
- 2016-08-19T21:32:03.680+00:00 PAM-tacplus[2993]: server[0] { addr=192.168.1.10:49, key='tac_test' }
- 2016-08-19T21:32:03.680+00:00 PAM-tacplus[2993]: tac_service=''
- 2016-08-19T21:32:03.680+00:00 PAM-tacplus[2993]: tac_protocol=''
- 2016-08-19T21:32:03.680+00:00 PAM-tacplus[2993]: tac_prompt=''
- 2016-08-19T21:32:03.681+00:00 PAM-tacplus[2993]: tac_login=''
- 2016-08-19T21:32:03.681+00:00 PAM-tacplus[2993]: tac_namespace=''
- 2016-08-19T21:32:03.681+00:00 PAM-tacplus[2993]: tac_source_ip='192.168.1.21'
- 2016-08-19T21:32:03.682+00:00 sshd[2993]: pam_sm_setcred: called (pam_tacplus v1.3.8)
- Logs on the Tacacs Server
- ==========================
- Aug 23 15:59:20 centos44180 tac_plus[4671]: connect from 192.168.1.20 [192.168.1.20]
- Aug 23 16:00:24 centos44180 tac_plus[4729]: connect from 192.168.1.20 [192.168.1.20]
- Aug 23 16:04:45 centos44180 tac_plus[4815]: connect from 192.168.1.20 [192.168.1.20]
- Aug 23 16:11:03 centos44180 tac_plus[4934]: connect from 192.168.1.21 [192.168.1.21]