Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-7674: Users can login locally, but not over SSH. Getting error as: invalid user or password.

Authentication Service ,  

28 October,16 at 05:24 PM

Applies To : All versions of Centrify DirectControl 


Users can login locally, but not over SSH.  The error in the log is:

adclient[5370]: INFO AUDIT_TRAIL|Centrify Suite|Centrify sshd|1.0|101|SSHD denied|5|user=spadmin(type:ad,SPAdmin@XYZ.COM) pid=6610 utc=1474890765178 centrifyEventID=27101 status=DENIED service=ssh-connection tty=(no tty) authMechanism=password client= reason=AUTH_FAIL_PASSWD(invalid user or password.)

But neither user nor password is invalid and is happening on only one server.


Debug log shows  that Centrify's PAM module has not been called when the user try to ssh to server. In the file
all the lines that has Centrify pam module entries were commented out. 


Edit the file
/etc/pam.d/system-auth to uncomment the following lines and save.

auth sufficient 
auth requisite deny 
account sufficient 
account requisite deny 
session required homedir 
password sufficient try_first_pass 
password requisite deny