RE: Login Pause after Password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I compared the PAM configuration for sshd and system-auth on our working
server and one of the troubled servers.  They are exactly the same.  With
that in mind, I added debugging info from PAM for sshd and system-auth.
While I am not going to paste all of the output, I do see several choke
points.  Unfortunately, I don't see any activity during those periods.
Below are the lines around each choke point:

Jan  4 17:23:15 host sshd[3415]: debug1: PAM: initializing for "username"
Jan  4 17:23:25 host sshd[3415]: debug1: PAM: setting PAM_RHOST to "host"

Jan  4 17:23:26 host pam_stack[3415]: returning 0 (Success)
Jan  4 17:23:31 host sshd[3415]: debug1: PAM: password authentication
accepted for username

Jan  4 17:23:31 host pam_stack[3415]: returning 0 (Success)
Jan  4 17:23:36 host sshd[3415]: Accepted password for username from
::ffff:x.x.x.x port 1651 ssh2

Jan  4 17:23:36 host pam_stack[3417]: returning 0 (Success)
Jan  4 17:23:41 host sshd[3417]: debug1: PAM: reinitializing credentials

Jan  4 17:23:41 host pam_stack[3417]: returning 0 (Success)
Jan  4 17:23:46 host sshd[3417]: debug1: permanently_set_uid: 501/0
 

With that in mind, I have to agree that the issue appears to be with PAM,
but I am just not sure what.  The debug logs are showing nothing during the
5-10 second gaps.  As this server is using local files, rather than NIS, I
don't believe there is any network or DNS issue.  Thoughts?


----
Thank You,
Jason Williard



On 5 Jan 2006, at 00:56, Jason Williard wrote:
<snip>
> Jan  4 16:37:23 host sshd[3190]: debug1: PAM: initializing for  
> "myusername"
> Jan  4 16:37:33 host sshd[3190]: debug1: PAM: setting PAM_RHOST to  
> "x.x.x.x"
<snip>
> Jan  4 16:37:33 host sshd[3190]: debug1: PAM: setting PAM_TTY to "ssh"
> Jan  4 16:37:38 host sshd[3190]: debug1: PAM: password authentication
<snip>
> Jan  4 16:37:38 host sshd[3190]: debug1: PAM: password authentication
> accepted for myusername
> Jan  4 16:37:43 host sshd[3190]: Accepted password for myusername from
> ::ffff:x.x.x.x port 1380 ssh2
<snip>
> Jan  4 16:37:43 host sshd[3190]: debug1: monitor_child_preauth:  
> myusername
> has been authenticated by privileged process
> Jan  4 16:37:48 host sshd[3192]: debug1: PAM: reinitializing  
> credentials
<snip>
> Jan  4 16:37:48 host sshd[3192]: debug1: PAM: reinitializing  
> credentials
> Jan  4 16:37:53 host sshd[3192]: debug1: permanently_set_uid: 501/0

It seems to me at first glance, that every delay is PAM related, what  
is in /etc/pam.d/sshd and possibly /etc/pam.d/system-auth?

If you're debugging I'd start with comparing pam.d with a server that  
is working how you would expect - I've had things like pam_mount  
cause similar delays in the past.

--
Sam

>
>
> Try adding the 'set -vx' to .bash_profile, too. It may show  
> something and is
> sourced before .bashrc...
>
> Kevin
>
> -----Original Message-----
> From: nahant-list-bounces@xxxxxxxxxx [mailto:nahant-list- 
> bounces@xxxxxxxxxx]
> On Behalf Of Jason Williard
> Sent: Wednesday, January 04, 2006 4:28 PM
> To: 'Red Hat Enterprise Linux 4 (Nahant) Discussion List'; 'Redhat  
> General
> List'
> Subject: RE: Login Pause after Password
>
> The .bashrc file is pretty basic.  I did as you recommended and  
> noticed that
> the output did not occur until the last second right before the prompt
> appeared.  Another thing I did was to watch the messages log.  The  
> following
> line appeared after about 15 seconds, though it was another 15-20  
> seconds
> before the prompt appeared.
>
> Jan  4 16:21:18 host sshd(pam_unix)[3060]: session opened for user
> myusername by (uid=0)
>
> ----
> Thank You,
> Jason Williard
>
>
>
> Automounted home directories? Something in the /etc/profile.,  
> ~/.profile,
> etc? Add some tracing in your dot files and see what its doing. You  
> can add
> 'set -vx' at the top of your .profile (.bash_profile, .bashrc, .kshrc,
> whatever depending on shell).
>
> Kevin
>
> -----Original Message-----
> From: nahant-list-bounces@xxxxxxxxxx [mailto:nahant-list- 
> bounces@xxxxxxxxxx]
> On Behalf Of Jason Williard
> Sent: Wednesday, January 04, 2006 4:07 PM
> To: Redhat Enterprise 4 List; Redhat General List
> Subject: Login Pause after Password
>
> I have two servers running RHE4 with SELinux disabled.  When  
> logging into
> these servers, there is a pause of approximately 30-40 seconds  
> after the
> password is entered before a shell prompt appears.  The systems are  
> not
> under heavy load and I am not seeing anything in the logs that would
> indicate an error.  In fact, I'm not seeing anything in the logs at  
> all.
> Does anyone know why there would be such a long pause during login?
>
> ----
> Thank You,
> Jason Williard
> PCSafe, Inc.
>
>
>
>
> --
> nahant-list mailing list
> nahant-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/nahant-list
>
>
>
> --
> nahant-list mailing list
> nahant-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/nahant-list
>
>
> --
> nahant-list mailing list
> nahant-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/nahant-list
>
>
>
> --
> nahant-list mailing list
> nahant-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/nahant-list
>
>
> --
> nahant-list mailing list
> nahant-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/nahant-list

--
nahant-list mailing list
nahant-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/nahant-list

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux