This happen randomly, local root can login through SSH to the affected system but for freeipa user, login was successful but there's no prompt. When successfully logged in, it only display a message saying "Last login: xxx" and then no prompt. There's no sssd errors though, restarting the service doesn't help either. While the issue happen to one system, other systems freeipa users can login no problem.
Only way to get out of this is to restart the entire system.
Am Fri, Jun 23, 2023 at 12:25:03AM -0000 schrieb barry y via FreeIPA-users:
This happen randomly, local root can login through SSH to the affected system but for freeipa user, login was successful but there's no prompt. When successfully logged in, it only display a message saying "Last login: xxx" and then no prompt. There's no sssd errors though, restarting the service doesn't help either. While the issue happen to one system, other systems freeipa users can login no problem.
Hi,
maybe sshd debug logs might help. You can enable them by setting 'LogLevel DEBUG3' in /etc/ssh/sshd_config and restarting sshd. The logs can be found in /var/log/secure or the journal.
bye, Sumit
Only way to get out of this is to restart the entire system. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
barry y via FreeIPA-users wrote:
This happen randomly, local root can login through SSH to the affected system but for freeipa user, login was successful but there's no prompt. When successfully logged in, it only display a message saying "Last login: xxx" and then no prompt. There's no sssd errors though, restarting the service doesn't help either. While the issue happen to one system, other systems freeipa users can login no problem.
Only way to get out of this is to restart the entire system.
I think you need to start with https://sssd.io/troubleshooting/basics.html
Cranking up the debug level should show what is happening inside sssd.
rob
barry y via FreeIPA-users wrote:
doesn't look like it's sssd issue, i tried kinit <user> login is fine
You still should increase SSSD debugging as it does all the id lookups, etc. Maybe it turns up nothing but it would rule it out.
Of course restarting SSSD might resolve it on its own as well.
rob
barry y via FreeIPA-users wrote:
restarting SSSD didn't solve the problem
Then you need to enable debugging to see if anything is going on.
rob
P.S. I assume you are using the web to respond. This is a mailing list so if you can include some of the previous context it will help those reading this through a classic mail client keep track of what is going on.
I replicated the issue again, and tried a few more things - No SSH errors at all - I could do "kinit <username>" and login with no problem, when the issue occurred - what's really interesting, is that when I do "su <user>", and login, then I see exactly the issue the user see, no prompt, and no response at all
freeipa-users@lists.fedorahosted.org