PAM Authentication failure Authentication token no longer valid, allowed in anyway
Hello,
Trying to fix a security issue I discovered that allows users with expired passwords to authenticate anyway and be allowed access. Where might I fix this on RHEL 6? It's obviously set somewhere to ignore the authentication failure and expired token. Same user results below.
Expired Password:
sshd[14776]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<ip address> user=<username>
sshd[14776]: pam_sss(sshd:auth): received for user <username>: 12 (Authentication token is no longer valid; new one required)
sshd[14776]: Accepted password for <username> from <ip address> port <port number> ssh2
sshd[14776]: pam_unix(sshd:session): session opened for user <username> by (uid=0)
Non-expired Password:
sshd[22018]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=<ip address> user=<username>
sshd[22018]: Accepted password for <username> from <ip address> port <port number> ssh2
sec001 sshd[22018]: pam_unix(sshd:session): session opened for user <username> by (uid=0)
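A detection sketch for the log pattern shown above, added here as an example and not part of the original post: it flags any sshd process where pam_sss reported status 12 (token no longer valid) and sshd then logged "Accepted" for the same user. The sample lines are constructed from the excerpts in the post with made-up users and addresses, and the function name is hypothetical.

```python
import re

# Constructed sample lines modeled on the post's excerpts (placeholder values are made up).
SAMPLE_LOG = """\
sshd[14776]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.0.2.10 user=alice
sshd[14776]: pam_sss(sshd:auth): received for user alice: 12 (Authentication token is no longer valid; new one required)
sshd[14776]: Accepted password for alice from 192.0.2.10 port 50122 ssh2
sshd[14776]: pam_unix(sshd:session): session opened for user alice by (uid=0)
sshd[22018]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.0.2.11 user=bob
sshd[22018]: Accepted password for bob from 192.0.2.11 port 50140 ssh2
sec001 sshd[22018]: pam_unix(sshd:session): session opened for user bob by (uid=0)
sshd[30001]: pam_sss(sshd:auth): received for user carol: 12 (Authentication token is no longer valid; new one required)
sshd[30001]: Connection closed by 192.0.2.12
"""

# Works with or without a leading timestamp/hostname, since it searches for "sshd[pid]:".
SSHD_LINE = re.compile(r"sshd\[(\d+)\]: (.*)")
EXPIRED = re.compile(r"pam_sss\(sshd:auth\): received for user (\S+): 12 \(")
ACCEPTED = re.compile(r"Accepted (\S+) for (\S+) from (\S+) port (\d+)")


def find_expired_but_accepted(lines):
    """Return logins accepted after pam_sss reported an expired token (status 12)."""
    expired = {}   # sshd pid -> user that pam_sss flagged as expired
    findings = []
    for line in lines:
        m = SSHD_LINE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        e = EXPIRED.match(msg)
        if e:
            expired[pid] = e.group(1)
            continue
        a = ACCEPTED.match(msg)
        if a and expired.get(pid) == a.group(2):
            findings.append({"pid": pid, "method": a.group(1),
                             "user": a.group(2), "rhost": a.group(3)})
            del expired[pid]   # PIDs are reused; do not carry state forward
    return findings


if __name__ == "__main__":
    for f in find_expired_but_accepted(SAMPLE_LOG.splitlines()):
        print("expired token but login accepted: %(user)s from %(rhost)s "
              "(sshd pid %(pid)s, %(method)s)" % f)
```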