Receiving pam_unix(sshd:auth): authentication failures, then pam_sss(sshd:auth): authentication success

Solution Verified - Updated -

Issue

  • Why are false authentication failure messages reported by pam_unix for SSSD users in Red Hat Enterprise Linux?

  • SSH Login to RHEL servers shows pam_unix authentication failure for non-local (IdM/SSSD/AD/LDAP) users

  • If an IdM/AD user (sssd) tries to login via ssh first you get pam_unix error then pam_sss success, errors like this are seen in /var/log/secure log :

Oct 22 08:22:12 client1 sshd[3123581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=client1.example.com  user=user22
Oct 22 08:22:13 client1 sshd[3123581]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=client1.example.com user=user22
  • How to get rid of pam_unix failed messages when user is in SSSD ?

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • SSSD
  • Winbind

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content