[strongSwan] xauth-pam and ip address
Tobias Brunner
tobias at strongswan.org
Mon Jul 17 13:18:17 CEST 2017
Hi Mike,
> (The problem)
> /var/log/secure
> 2017-07-14T18:13:46.537632+00:00 transit-pvd-tunnel-2 charon:
> pam_console(ipsec:session): getpwnam failed for 192.168.0.149
> 2017-07-14T18:13:46.537793+00:00 transit-pvd-tunnel-2 charon:
> pam_unix(ipsec:session): session closed for user 192.168.0.149
I don't think that's directly related to the error here:
> 2017-07-14T18:23:19.681129+00:00 transit-pvd-tunnel-2 charon: 06[IKE]
> XAuth pam_authenticate for 'losapio' failed: Authentication failure
> 2017-07-14T18:23:19.681588+00:00 transit-pvd-tunnel-2 charon: 06[IKE]
> XAuth authentication of 'losapio' failed
As the log message says this is logged because pam_authenticate()
failed. At that point the user name that's logged is used, together
with the received password. So either of these things are incorrect (or
your PAM setup).
The error above might be logged when the IKE_SA is destroyed with a call
to pam_close_session(). As the XAuth user name has never been set (no
successful authentication) the previous identity will be used here,
which is the client's IP address used during the PSK authentication.
Regards,
Tobias
More information about the Users
mailing list