Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RADIUS]Login fails. triggering six sshd processes to login device with same username and password at the same time, only one process login successfully. #21130

Open
gx1010 opened this issue Dec 11, 2024 · 1 comment
Open

[RADIUS]Login fails. triggering six sshd processes to login device with same username and password at the same time, only one process login successfully. #21130

gx1010 opened this issue Dec 11, 2024 · 1 comment

Comments

@gx1010
Copy link

gx1010 commented Dec 11, 2024

Description

Triggering 6 sshd processes to login device with same username and password at the same time, only one user login successfully.

Steps to reproduce the issue:

  1. Configure Radius Server
  2. Configure aaa authentication on Sonic Switch
    config aaa authentication login radius local
  3. Config radius server on Sonic Switch
    config radius add {RadiusServerIP} -k {RadiusServerPassword}
  4. Try to login with test user, and the user login successful.
  5. Triggering six sshd processes to login device with same username and password at the same time, only one process login successfully.

Describe the results you received:

Out of six processes, only one process has been authenticated successfully.

Logs and Config:

admin@sonic:~$ show version
SONiC Software Version: SONiC.202205.204875-9a3571cec
Distribution: Debian 11.6
Kernel: 5.10.0-18-2-amd64
Build commit: 9a3571cec
Build date: Wed Jan 18 14:03:03 UTC 2023

admin@sonic:~$ show radius
RADIUS global auth_type pap
RADIUS global retransmit 3 (default)
RADIUS global timeout 5 (default)
RADIUS global passkey test123

RADIUS_SERVER address 1.1.1.1
               auth_port 1812
               priority 1

admin@sonic:~$ show aaa
AAA authentication login radius
AAA authentication failthrough False (default)
AAA authorization login local (default)
AAA accounting login disable (default)

admin@sonic:~# ps -ef | grep sshd
root         751       1  0 Jan01 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 3 of 10-100 startups
root     1047375     751  0 Feb02 ?        00:00:00 sshd: admin [priv]
admin    1047496 1047375  0 Feb02 ?        00:00:00 sshd: admin@pts/1
root     1753157     751  0 09:46 ?        00:00:00 sshd: admin [priv]
admin    1753921 1753157  0 09:46 ?        00:00:00 sshd: admin@pts/0
root     1756831     751  6 09:47 ?        00:00:00 sshd: usertest [priv]
root     1756832     751  8 09:47 ?        00:00:00 sshd: usertest [priv]
root     1756833     751  5 09:47 ?        00:00:00 sshd: usertest [priv]
root     1756834     751  6 09:47 ?        00:00:00 sshd: usertest [priv]
root     1756835     751  6 09:47 ?        00:00:00 sshd: usertest [priv]
root     1756836     751  9 09:47 ?        00:00:00 sshd: usertest [priv]
sshd     1756839 1756832  1 09:47 ?        00:00:00 sshd: usertest [net]
sshd     1756840 1756831  0 09:47 ?        00:00:00 sshd: usertest [net]
sshd     1756842 1756836  0 09:47 ?        00:00:00 sshd: usertest [net]
usertest  1756866 1756834  0 09:47 ?        00:00:00 sshd: usertest
usertest  1756867 1756833  0 09:47 ?        00:00:00 sshd: usertest
admin    1756869 1753922  0 09:47 pts/0    00:00:00 grep --color=auto sshd

Dec 10 2024 16:42:35.292312 sonic INFO sshd[2342684]: Connection from 127.0.0.1 port 43622 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.292956 sonic INFO sshd[2342686]: Connection from 127.0.0.1 port 43648 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.293365 sonic INFO sshd[2342683]: Connection from 127.0.0.1 port 43610 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.293755 sonic INFO sshd[2342687]: Connection from 127.0.0.1 port 43654 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.294185 sonic INFO sshd[2342682]: Connection from 127.0.0.1 port 43608 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.295451 sonic INFO sshd[2342685]: Connection from 127.0.0.1 port 43634 on 127.0.0.1 port 2081 rdomain "" 
Dec 10 2024 16:42:35.304709 sonic INFO sshd[2342684]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.305632 sonic INFO sshd[2342684]: nss: Creating user "usertest" 
Dec 10 2024 16:42:35.307635 sonic INFO sshd[2342683]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.307805 sonic INFO sshd[2342685]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.308106 sonic INFO sshd[2342687]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.308390 sonic INFO sshd[2342686]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.308546 sonic INFO sshd[2342685]: Invalid user usertest from 127.0.0.1 port 43634 
Dec 10 2024 16:42:35.308732 sonic INFO sshd[2342687]: Invalid user usertest from 127.0.0.1 port 43654 
Dec 10 2024 16:42:35.309317 sonic INFO sshd[2342683]: Invalid user usertest from 127.0.0.1 port 43610 
Dec 10 2024 16:42:35.309883 sonic INFO sshd[2342686]: Invalid user usertest from 127.0.0.1 port 43648 
Dec 10 2024 16:42:35.310714 sonic INFO sshd[2342682]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.311287 sonic INFO sshd[2342682]: Invalid user usertest from 127.0.0.1 port 43608 
Dec 10 2024 16:42:35.317159 sonic INFO sshd[2342682]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.317437 sonic NOTICE sshd[2342682]: pam_faillock(sshd:auth): User unknown: usertest 
Dec 10 2024 16:42:35.320045 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.320211 sonic INFO sshd[2342685]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.320503 sonic NOTICE sshd[2342685]: pam_faillock(sshd:auth): User unknown: usertest 
Dec 10 2024 16:42:35.321282 sonic INFO sshd[2342683]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.321785 sonic INFO sshd[2342687]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.321993 sonic INFO sshd[2342686]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.322176 sonic NOTICE sshd[2342683]: pam_faillock(sshd:auth): User unknown: usertest 
Dec 10 2024 16:42:35.322246 sonic NOTICE sshd[2342687]: pam_faillock(sshd:auth): User unknown: usertest 
Dec 10 2024 16:42:35.322538 sonic NOTICE sshd[2342686]: pam_faillock(sshd:auth): User unknown: usertest 
Dec 10 2024 16:42:35.355893 sonic INFO [2342682]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.356266 sonic INFO useradd[2342694]: new group: name=usertest, GID=1012 
Dec 10 2024 16:42:35.356452 sonic INFO useradd[2342694]: new user: name=usertest, UID=1012, GID=1012, home=/home/usertest, shell=/bin/bash, from=none 
Dec 10 2024 16:42:35.370351 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.370734 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent. 
Dec 10 2024 16:42:35.371091 sonic INFO useradd[2342694]: add 'usertest' to group 'usertest' 
Dec 10 2024 16:42:35.371546 sonic INFO useradd[2342694]: add 'usertest' to shadow group 'usertest' 
Dec 10 2024 16:42:35.391931 sonic INFO [2342687]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.392659 sonic INFO [2342686]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.393147 sonic INFO [2342683]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.393606 sonic INFO [2342685]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.560863 sonic INFO [2342684]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812 
Dec 10 2024 16:42:35.643546 sonic INFO [2342684]: pam_radius_auth: authentication succeeded 
Dec 10 2024 16:42:35.747905 sonic INFO sshd[2342684]: Accepted password for usertest from 127.0.0.1 port 43622 ssh2 
Dec 10 2024 16:42:35.751078 sonic INFO sshd[2342684]: pam_unix(sshd:session): session opened for user usertest(uid=1012) by (uid=0) 
Dec 10 2024 16:42:35.751908 sonic INFO sshd[2342684]: User child is on pid 2342712 
Dec 10 2024 16:42:35.793955 sonic INFO sshd[2342712]: Starting session: command for usertest from 127.0.0.1 port 43622 id 0 
Dec 10 2024 16:42:35.824443 sonic INFO sshd[2342712]: Close session: user usertest from 127.0.0.1 port 43622 id 0 
Dec 10 2024 16:42:35.834003 sonic INFO sshd[2342712]: Connection closed by 127.0.0.1 port 43622 
Dec 10 2024 16:42:35.834267 sonic INFO sshd[2342712]: Transferred: sent 2072, received 1184 bytes 
Dec 10 2024 16:42:35.834383 sonic INFO sshd[2342712]: Closing connection to 127.0.0.1 port 43622 
Dec 10 2024 16:42:35.834592 sonic INFO sshd[2342684]: pam_unix(sshd:session): session closed for user usertest 
Dec 10 2024 16:42:37.682477 sonic INFO [2342687]: pam_radius_auth: authentication failed 
Dec 10 2024 16:42:37.684928 sonic NOTICE sshd[2342687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1  user=usertest 
Dec 10 2024 16:42:37.708500 sonic INFO [2342686]: pam_radius_auth: authentication failed 
Dec 10 2024 16:42:37.710814 sonic NOTICE sshd[2342686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1  user=usertest 
Dec 10 2024 16:42:37.733235 sonic INFO [2342683]: pam_radius_auth: authentication failed 
Dec 10 2024 16:42:37.735558 sonic NOTICE sshd[2342683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1  user=usertest 
Dec 10 2024 16:42:37.757846 sonic INFO [2342685]: pam_radius_auth: authentication failed 
Dec 10 2024 16:42:37.760176 sonic NOTICE sshd[2342685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1  user=usertest 
Dec 10 2024 16:42:37.781020 sonic INFO [2342682]: pam_radius_auth: authentication failed 
Dec 10 2024 16:42:37.783306 sonic NOTICE sshd[2342682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1  user=usertest 
Dec 10 2024 16:42:40.016871 sonic INFO sshd[2342687]: Failed password for invalid user usertest from 127.0.0.1 port 43654 ssh2 
Dec 10 2024 16:42:40.044460 sonic INFO sshd[2342686]: Failed password for invalid user usertest from 127.0.0.1 port 43648 ssh2 
Dec 10 2024 16:42:40.069311 sonic INFO sshd[2342683]: Failed password for invalid user usertest from 127.0.0.1 port 43610 ssh2 
Dec 10 2024 16:42:40.093744 sonic INFO sshd[2342685]: Failed password for invalid user usertest from 127.0.0.1 port 43634 ssh2 
Dec 10 2024 16:42:40.117046 sonic INFO sshd[2342682]: Failed password for invalid user usertest from 127.0.0.1 port 43608 ssh2 
Dec 10 2024 16:42:42.418766 sonic INFO sshd[2342682]: Connection closed by invalid user usertest 127.0.0.1 port 43608 [preauth] 
Dec 10 2024 16:42:42.421598 sonic INFO sshd[2342685]: Connection closed by invalid user usertest 127.0.0.1 port 43634 [preauth] 
Dec 10 2024 16:42:42.422696 sonic INFO sshd[2342683]: Connection closed by invalid user usertest 127.0.0.1 port 43610 [preauth] 
Dec 10 2024 16:42:42.423625 sonic INFO sshd[2342687]: Connection closed by invalid user usertest 127.0.0.1 port 43654 [preauth] 
Dec 10 2024 16:42:42.425027 sonic INFO sshd[2342686]: Connection closed by invalid user usertest 127.0.0.1 port 43648 [preauth]

Describe the results you expected:

All processes have been successfully authenticated.

Output of show version:

(paste your output here)

Output of show techsupport:

(paste your output here or download and attach the file here )

Additional information you deem important (e.g. issue happens only occasionally):

#14466
Try to fix it with this method, but the problem still exists.
@gx1010
Copy link
Author

gx1010 commented Dec 11, 2024

#13141
Also try to fix it with this method, and it failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gx1010