PAM SSSD Allow Local Users

Troubleshooting Authentication, Password Change and Access Control

For authentication to succeed, the user information must first be resolvable. Before debugging authentication, make sure the user information can be retrieved with getent passwd $user or id $user. Failure to retrieve the user information also shows up in the secure logs or the journal with a message such as:

pam_sss(sshd:account): Access denied for user admin: 10 (User not known to the underlying authentication module)
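
The check described above can be scripted. This is an added example, not part of the quoted documentation or the original post: it extracts the users that pam_sss rejected with error 10 from log text and reports whether each name is in the local passwd file, resolves through SSSD (getent -s sss), or does not resolve at all. The sample log lines and the passwd-file parameter are constructed for the example.

```bash
#!/usr/bin/env bash
# Added example: triage pam_sss account denials with PAM error 10.

# Constructed sample lines in the log format quoted above (not real logs).
SAMPLE_LOG='Jan 10 10:00:01 host sshd[1201]: pam_sss(sshd:account): Access denied for user test1: 10 (User not known to the underlying authentication module)
Jan 10 10:00:09 host sshd[1244]: pam_sss(sshd:account): Access denied for user bob: 6 (Permission denied)
Jan 10 10:01:12 host sshd[1302]: pam_sss(sshd:account): Access denied for user admin: 10 (User not known to the underlying authentication module)
Jan 10 10:02:40 host sshd[1377]: pam_sss(sshd:account): Access denied for user test1: 10 (User not known to the underlying authentication module)'

# Read log text on stdin; print each distinct user that pam_sss rejected in
# the account phase with error 10, one per line. Other error codes are skipped.
denied_unknown_users() {
    sed -n 's/.*pam_sss([^:]*:account): Access denied for user \([^:]*\): 10 (.*/\1/p' | sort -u
}

# Print where a user resolves: "files", "sss" or "unresolved".
# $2 is a passwd-format file; the parameter is an assumption of this example
# so the local lookup can be exercised without touching /etc/passwd.
user_source() {
    local user="$1" passwd_file="${2:-/etc/passwd}"
    if awk -F: -v u="$user" '$1 == u { found = 1 } END { exit !found }' "$passwd_file"; then
        echo files
    elif getent -s sss passwd "$user" >/dev/null 2>&1; then
        echo sss
    else
        echo unresolved
    fi
}

# Read log text on stdin; print "user<TAB>source" for every denied user.
#   files      -> account is in the local passwd file, as with test1 in the question
#   sss        -> SSSD resolves the name
#   unresolved -> fix name resolution before debugging authentication
triage() {
    local passwd_file="${1:-/etc/passwd}" user
    denied_unknown_users | while read -r user; do
        printf '%s\t%s\n' "$user" "$(user_source "$user" "$passwd_file")"
    done
}

# Run against the constructed sample; on a live host, pipe log text in instead.
printf '%s\n' "$SAMPLE_LOG" | triage
```

On a live host, pipe the contents of the secure log or the journal into triage in place of the sample.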

Author: user3063045

Updated on September 18, 2022

Comments

  • user3063045 over 1 year

    I've got a default SSSD configuration with PAM. I can log in fine as any LDAP user. However, when I create a local user on a server:

    adduser test1
    passwd test1
    

    and then try to log in as that user I get the following error:

    pam_sss(sshd:account): Access denied for user test1: 10 (User not known to the underlying authentication module)
    

    My /etc/nsswitch.conf is this:

    passwd:     files sss
    shadow:     files sss
    group:      files sss
    
    #hosts:     db files nisplus nis dns
    hosts:      files dns  
    
    bootparams: nisplus [NOTFOUND=return] files
    
    ethers:     files
    netmasks:   files
    networks:   files
    protocols:  files
    rpc:        files
    services:   files sss
    
    netgroup:   files sss
    
    publickey:  nisplus
    
    automount:  files ldap
    aliases:    files nisplus
    
    sudoers: files sss
    

    Now files is listed as an alternate in nsswitch.conf but it doesn't seem to be looking at the files to authenticate.

    How can I allow login as a local user when SSSD is my authentication module?

    • user3063045 almost 8 years
      I ended up just creating an LDAP user to replace the local user
  • Brad Solomon about 3 years
    In what way does this actually answer the question?