Project

General

Profile

Actions

Bug #14852

closed

SSH authentification with Radius backend is not working

Added by Lev Prokofev almost 2 years ago. Updated almost 2 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

On an attempt to ssh using the Radius user credentials I get

"(lev@172.21.100.1) RADIUS Password:
Radius rejection" 

This user can log in to the GUI but not ssh.

Tested with FreeRadius package.
Standard config, user attributes set to

Class := "admin;ssh;" 

Logs:

Oct 7 08:10:19    sshd    51810    Invalid user lev from 172.21.100.10 port 49339
Oct 7 08:10:19    sshguard    68179    Attack from "172.21.100.10" on service SSH with danger 10.
Oct 7 08:10:19    sshd    51810    Postponed keyboard-interactive for invalid user lev from 172.21.100.10 port 49339 ssh2 [preauth]
Oct 7 08:10:23    radiusd    75454    (1) Login incorrect (Failed retrieving values required to evaluate condition): [lev] (from client pfSense port 0 cli 172.21.100.10)
Oct 7 08:10:24    sshd    51810    Postponed keyboard-interactive/pam for invalid user lev from 172.21.100.10 port 49339 ssh2 [preauth]
Oct 7 08:10:24    sshd    51810    Failed keyboard-interactive/pam for invalid user lev from 172.21.100.10 port 49339 ssh2
Oct 7 08:10:24    sshd    51810    Postponed keyboard-interactive for invalid user lev from 172.21.100.10 port 49339 ssh2 [preauth]
Oct 7 08:10:25    sshd    51810    Connection reset by invalid user lev 172.21.100.10 port 49339 [preauth]
Oct 7 08:10:25    sshguard    68179    Attack from "172.21.100.10" on service SSH with danger 2.
Oct 7 08:11:38    radiusd    75454    (2) Login OK: [lev] (from client pfSense port 0) lev

The last message (Oct 7 08:11:38) is an authentication test in GUI (Diagnostics=>Authentification)


Files

clipboard-202310070922-ixssl.png (41.3 KB) clipboard-202310070922-ixssl.png Lev Prokofev, 10/07/2023 05:22 AM
Actions

Also available in: Atom PDF