Many Concurrent SSH/SFTP sessions are failing for AD Users

Solution Verified - Updated -

Issue

  • Many concurrent SFTP jobs are triggered using a domain user (AD/SSSD user), and a few of them fail.

  • The MaxStartups issue on the sshd side was fixed, which allowed multiple SSH connections to authenticate simultaneously.

  • After fixing MaxStartups, the errors below were seen at the time of the issue.

    Jan 23 05:55:26 localhost sshd[10081]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:28 localhost sshd[10091]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:34 localhost sshd[10109]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:34 localhost sshd[10123]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:34 localhost sshd[10122]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:35 localhost sshd[10126]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:55 localhost sshd[10201]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:56 localhost sshd[10210]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:58 localhost sshd[10222]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:59 localhost sshd[10219]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:56:03 localhost sshd[10237]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    
  • Details of a single failure are shown below:

    Jan 23 05:53:54 localhost sshd[10081]: debug3: PAM: sshpam_passwd_conv called with 1 messages
    Jan 23 05:55:26 localhost sshd[10081]: debug1: PAM: password authentication failed for domain_user: Authentication failure
    Jan 23 05:55:26 localhost sshd[10081]: debug3: mm_answer_authpassword: sending result 0
    Jan 23 05:55:26 localhost sshd[10081]: debug3: mm_request_send entering: type 13
    Jan 23 05:55:26 localhost sshd[10081]: Failed password for domain_user from 10.54.159.59 port 58829 ssh2
    Jan 23 05:55:26 localhost sshd[10081]: Excess permission or bad ownership on file /var/log/btmp
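
An added example, not part of the original article: in the single-failure excerpt, sshd[10081] enters the PAM password conversation at 05:53:54 and the failure is only logged at 05:55:26. The Python below pairs those two debug lines per sshd PID to measure how long the PAM stack took to answer. The function names and the 30-second threshold are assumptions, and the PID 20001 lines are constructed for contrast.

```python
import re
from datetime import datetime

# Lines for PID 10081 are taken from the log excerpt on this page;
# the PID 20001 lines are constructed for contrast.
SAMPLE_LOG = """\
Jan 23 05:53:54 localhost sshd[10081]: debug3: PAM: sshpam_passwd_conv called with 1 messages
Jan 23 05:55:26 localhost sshd[10081]: debug1: PAM: password authentication failed for domain_user: Authentication failure
Jan 23 05:55:26 localhost sshd[10081]: Failed password for domain_user from 10.54.159.59 port 58829 ssh2
Jan 23 05:56:10 localhost sshd[20001]: debug3: PAM: sshpam_passwd_conv called with 1 messages
Jan 23 05:56:11 localhost sshd[20001]: debug1: PAM: password authentication failed for domain_user: Authentication failure
"""

LINE_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[(\d+)\]: (.*)$")
FAIL_RE = re.compile(r"PAM: password authentication failed for (\S+):")

def parse_ts(stamp, year=2000):
    # Syslog timestamps carry no year; one is assumed so strptime is unambiguous.
    return datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")

def pam_failure_delays(log_text):
    """Return [(pid, user, seconds)] from the PAM conversation to the failure."""
    started = {}   # pid -> time sshpam_passwd_conv was first called
    results = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp, pid, msg = m.groups()
        when = parse_ts(stamp)
        if "sshpam_passwd_conv called" in msg:
            started.setdefault(pid, when)
        else:
            fail = FAIL_RE.search(msg)
            if fail and pid in started:
                delta = (when - started.pop(pid)).total_seconds()
                results.append((int(pid), fail.group(1), int(delta)))
    return results

def slow_failures(log_text, threshold_s=30):
    """Failures where the PAM stack took longer than threshold_s to answer."""
    return [r for r in pam_failure_delays(log_text) if r[2] > threshold_s]

if __name__ == "__main__":
    for pid, user, secs in pam_failure_delays(SAMPLE_LOG):
        flag = "SLOW" if secs > 30 else "ok"
        print(f"sshd[{pid}] user={user} pam_wait={secs}s {flag}")
```

Both line types are only logged when sshd runs at debug3 verbosity, as in the excerpt above.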
    

Environment

  • Red Hat Enterprise Linux
  • OpenSSH
  • SSSD / AD
