Password Change Failed Pam Error 10
Contents |
When a user tries to change his/her password you get the following error : passwd: Authentication token manipulation error. I am running SLES 11.2 on S390X. Any ideas rhel passwd: authentication token manipulation error how to get past this problem. This is what the /etc/passwd
Passwd Authentication Token Manipulation Error Redhat 6
file looks like (Extract that shows the user account that tries to change password) venumadhavp:x:5400:5008:venumadhavp:/home/venumadhavp:/bin/bash The /etc/shadow file authentication token manipulation error centos (Extract that shows the user account that tries to change password): venumadhavp:$2y$10$Z4F7wZOsPL2g/YtKpcC2YuVa.eT2P6nPJfXxda35ZNbzi.3FQCiJC:15769:7:3 2:7::: Any help will be appreciated. Regards, Kobus jmozdzen05-Mar-2013, 15:05Hi Kobus, how are the persissions set
Passwd Authentication Token Manipulation Error Centos 6
up for - /etc/passwd - /etc/shadow - /usr/bin/passwd? Has that user been (or are other users) able to change the password? If it "worked once", were there any changes to the installation (OS updates, changing user authentication to/from LDAP/NIS/...)? Regards, Jens kobuse06-Mar-2013, 06:51Hi Jens, -rw-r--r-- 1 root root 1692 Mar 5 14:26 passwd -rw------- 1 root root 1242 Mar 5 14:26 shadow -rwsr-xr-x 1 root shadow 90176 Feb 1 2012 passwd* This is a new server. We had to apply certain changes to the rights of certain files (our friends the auditors :-) require that) Regards, Kobus kobuse06-Mar-2013, 06:53I have also done a chage -l. The output for that user id is as follow: Minimum: 7 Maximum: 32 Warning: 7 Inactive: -1 Last Change: Mar 05, 2013 Password Expires: Apr 06, 2013 Password Inactive: Never Account Expires: Never kobuse06-Mar-2013, 06:56Sorry to reply in drips and drabs. What happened was that yesterday as root I changed the user's password. I requested that he change his password after he log on (for security reasons, I do not want to know his password) He could sighn on but could not change his password because of this error. kobuse06-Mar-2013, 07:32If I look in /var/log/messages the following error can be seen: Mar 6 08:25:33 d0043 passwd[21002]: User venumadhavp: Authentication token manipulation error Mar 6 08:25:33 d0043 passwd[21002]: password change failed, pam error 20 - account=ve
Date: Mon, 27 Mar 2006 16:24:54 +0200 Hello, I've got the following situation: The 6000 accounts of our eMail-server are stored in /etc/passwd resp. /etc/shadow. To change their passwords, the users use a ssh-session. The only object of the ssh-session is to change a users password, therefore the loginshell is /usr/bin/passwd. To avoid attacks on the ssh-daemon, we only want a seperate web-server with a little php-web-page to open the ssh-session. I use apache/php with a php-module called php-ssh2 and a library called libssh2 to https://forums.suse.com/archive/index.php/t-2469.html establish the ssh-session. This works fine, until it comes to the point, where the old password is sent to /usr/bin/passwd. I get the following screen in /var/log/messages: sshd[]: pam_unix2: pam_sm_authenticate() called sshd[]: pam_unix2: username=[dummy] sshd[]: pam_unix2: pam_sm_authenticate: PAM_SUCCESS sshd[]: pam_unix2: pam_sm_acct_mgmt() called sshd[]: pam_unix2: username=[dummy] sshd[]: pam_unix2: expire() returned with 0 sshd[]: Accepted password for dummy from 192.168.136.50 https://www.redhat.com/archives/pam-list/2006-March/msg00017.html port 6235 ssh2 sshd[]: pam_unix2: session started for user dummy, service sshd sshd[]: pam_unix2: pam_sm_setcred() called sshd[]: pam_unix2: username=[dummy] sshd[]: pam_unix2: pam_sm_setcred: PAM_SUCCES -passwd[]: pam_unix2: pam_sm_chauthtok() called -passwd[]: pam_unix2: username=[dummy] sshd[]: pam_unix2: pam_sm_setcred() called sshd[]: pam_unix2: username=[dummy] sshd[]: pam_unix2: pam_sm_setcred: PAM_SUCCESS sshd[]: pam_unix2: session finished for user dummy, service sshd -passwd[]: pam_unix2: pam_sm_chauthtok() called -passwd[]: pam_unix2: username=[dummy] -passwd[]: User dummy: Authentication token manipulation error -passwd[]: password change failed, pam error 20 - account=dummy, uid=1000, by=1000 If I use some other tools like gnu-ssh or putty, it all works very well. Is there a difference between the two methods gnu-ssh and PHP-script, which /usr/bin/passwd recognizes, e.g. keyboard-interactive vs. tunneled-cleartext? I think of this, because I had to change some settings in /etc/ssh/sshd-config, to enable tunneled-cleartext authentication: PasswordAuthentication yes enable or disable following in sshd-config has no effect: ChallangeResponseAuthentication no UsePAM yes What does that mean: 'Authentication token manipulation error'? Is it possible to use /usr/bin/passwd with a pipe, like libssh2 does? The PAM configuration is mostly SuSE 10.0 original, except the debug-feature. /etc/pam.d/ss
Tutorials/Articles Search HCL Search Reviews Search ISOs Go to Page... LinuxQuestions.org > Forums > Linux Forums > Linux - http://www.linuxquestions.org/questions/linux-security-4/server-failing-to-allow-password-change-924318/ Security [SOLVED] Server failing to allow password change User Name Remember Me? Password Linux - Security This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here. Notices Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are currently viewing LQ as a guest. By joining our community you will authentication token have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today! Note that registered members see fewer ads, and ContentLink is completely disabled once you log in. Are you new to LinuxQuestions.org? Visit the following links: authentication token manipulation Site Howto | Site FAQ | Sitemap | Register Now If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here. Having a problem logging in? Please visit this page to clear all LQ-related cookies. Introduction to Linux - A Hands on Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter. For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own. Click Here to receive this Complete Guide absolut