[RADIUS]Login fails. triggering six sshd processes to login device with same username and password at the same time, only one process login successfully. #21130
Open
Description
When triggering 6 sshd processes to log in to the device with the same username and password at the same time, only one user logs in successfully.
Steps to reproduce the issue:
- Configure the RADIUS server.
- Configure AAA authentication on the SONiC switch:
  config aaa authentication login radius local
- Configure the RADIUS server on the SONiC switch:
  config radius add {RadiusServerIP} -k {RadiusServerPassword}
- Try to log in with the test user; the login succeeds.
- Trigger six sshd processes to log in to the device with the same username and password at the same time; only one process logs in successfully.
Describe the results you received:
Out of six processes, only one process has been authenticated successfully.
Logs and Config:
admin@sonic:~$ show version
SONiC Software Version: SONiC.202205.204875-9a3571cec
Distribution: Debian 11.6
Kernel: 5.10.0-18-2-amd64
Build commit: 9a3571cec
Build date: Wed Jan 18 14:03:03 UTC 2023
admin@sonic:~$ show radius
RADIUS global auth_type pap
RADIUS global retransmit 3 (default)
RADIUS global timeout 5 (default)
RADIUS global passkey test123
RADIUS_SERVER address 1.1.1.1
auth_port 1812
priority 1
admin@sonic:~$ show aaa
AAA authentication login radius
AAA authentication failthrough False (default)
AAA authorization login local (default)
AAA accounting login disable (default)
admin@sonic:~# ps -ef | grep sshd
root 751 1 0 Jan01 ? 00:00:00 sshd: /usr/sbin/sshd -D [listener] 3 of 10-100 startups
root 1047375 751 0 Feb02 ? 00:00:00 sshd: admin [priv]
admin 1047496 1047375 0 Feb02 ? 00:00:00 sshd: admin@pts/1
root 1753157 751 0 09:46 ? 00:00:00 sshd: admin [priv]
admin 1753921 1753157 0 09:46 ? 00:00:00 sshd: admin@pts/0
root 1756831 751 6 09:47 ? 00:00:00 sshd: usertest [priv]
root 1756832 751 8 09:47 ? 00:00:00 sshd: usertest [priv]
root 1756833 751 5 09:47 ? 00:00:00 sshd: usertest [priv]
root 1756834 751 6 09:47 ? 00:00:00 sshd: usertest [priv]
root 1756835 751 6 09:47 ? 00:00:00 sshd: usertest [priv]
root 1756836 751 9 09:47 ? 00:00:00 sshd: usertest [priv]
sshd 1756839 1756832 1 09:47 ? 00:00:00 sshd: usertest [net]
sshd 1756840 1756831 0 09:47 ? 00:00:00 sshd: usertest [net]
sshd 1756842 1756836 0 09:47 ? 00:00:00 sshd: usertest [net]
usertest 1756866 1756834 0 09:47 ? 00:00:00 sshd: usertest
usertest 1756867 1756833 0 09:47 ? 00:00:00 sshd: usertest
admin 1756869 1753922 0 09:47 pts/0 00:00:00 grep --color=auto sshd
Dec 10 2024 16:42:35.292312 sonic INFO sshd[2342684]: Connection from 127.0.0.1 port 43622 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.292956 sonic INFO sshd[2342686]: Connection from 127.0.0.1 port 43648 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.293365 sonic INFO sshd[2342683]: Connection from 127.0.0.1 port 43610 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.293755 sonic INFO sshd[2342687]: Connection from 127.0.0.1 port 43654 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.294185 sonic INFO sshd[2342682]: Connection from 127.0.0.1 port 43608 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.295451 sonic INFO sshd[2342685]: Connection from 127.0.0.1 port 43634 on 127.0.0.1 port 2081 rdomain ""
Dec 10 2024 16:42:35.304709 sonic INFO sshd[2342684]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.305632 sonic INFO sshd[2342684]: nss: Creating user "usertest"
Dec 10 2024 16:42:35.307635 sonic INFO sshd[2342683]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.307805 sonic INFO sshd[2342685]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.308106 sonic INFO sshd[2342687]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.308390 sonic INFO sshd[2342686]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.308546 sonic INFO sshd[2342685]: Invalid user usertest from 127.0.0.1 port 43634
Dec 10 2024 16:42:35.308732 sonic INFO sshd[2342687]: Invalid user usertest from 127.0.0.1 port 43654
Dec 10 2024 16:42:35.309317 sonic INFO sshd[2342683]: Invalid user usertest from 127.0.0.1 port 43610
Dec 10 2024 16:42:35.309883 sonic INFO sshd[2342686]: Invalid user usertest from 127.0.0.1 port 43648
Dec 10 2024 16:42:35.310714 sonic INFO sshd[2342682]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.311287 sonic INFO sshd[2342682]: Invalid user usertest from 127.0.0.1 port 43608
Dec 10 2024 16:42:35.317159 sonic INFO sshd[2342682]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.317437 sonic NOTICE sshd[2342682]: pam_faillock(sshd:auth): User unknown: usertest
Dec 10 2024 16:42:35.320045 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.320211 sonic INFO sshd[2342685]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.320503 sonic NOTICE sshd[2342685]: pam_faillock(sshd:auth): User unknown: usertest
Dec 10 2024 16:42:35.321282 sonic INFO sshd[2342683]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.321785 sonic INFO sshd[2342687]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.321993 sonic INFO sshd[2342686]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.322176 sonic NOTICE sshd[2342683]: pam_faillock(sshd:auth): User unknown: usertest
Dec 10 2024 16:42:35.322246 sonic NOTICE sshd[2342687]: pam_faillock(sshd:auth): User unknown: usertest
Dec 10 2024 16:42:35.322538 sonic NOTICE sshd[2342686]: pam_faillock(sshd:auth): User unknown: usertest
Dec 10 2024 16:42:35.355893 sonic INFO [2342682]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.356266 sonic INFO useradd[2342694]: new group: name=usertest, GID=1012
Dec 10 2024 16:42:35.356452 sonic INFO useradd[2342694]: new user: name=usertest, UID=1012, GID=1012, home=/home/usertest, shell=/bin/bash, from=none
Dec 10 2024 16:42:35.370351 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.370734 sonic INFO useradd[2342694]: nss: "/var/cache/radius/user/usertest/Management-Privilege-Level": Absent.
Dec 10 2024 16:42:35.371091 sonic INFO useradd[2342694]: add 'usertest' to group 'usertest'
Dec 10 2024 16:42:35.371546 sonic INFO useradd[2342694]: add 'usertest' to shadow group 'usertest'
Dec 10 2024 16:42:35.391931 sonic INFO [2342687]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.392659 sonic INFO [2342686]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.393147 sonic INFO [2342683]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.393606 sonic INFO [2342685]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.560863 sonic INFO [2342684]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.643546 sonic INFO [2342684]: pam_radius_auth: authentication succeeded
Dec 10 2024 16:42:35.747905 sonic INFO sshd[2342684]: Accepted password for usertest from 127.0.0.1 port 43622 ssh2
Dec 10 2024 16:42:35.751078 sonic INFO sshd[2342684]: pam_unix(sshd:session): session opened for user usertest(uid=1012) by (uid=0)
Dec 10 2024 16:42:35.751908 sonic INFO sshd[2342684]: User child is on pid 2342712
Dec 10 2024 16:42:35.793955 sonic INFO sshd[2342712]: Starting session: command for usertest from 127.0.0.1 port 43622 id 0
Dec 10 2024 16:42:35.824443 sonic INFO sshd[2342712]: Close session: user usertest from 127.0.0.1 port 43622 id 0
Dec 10 2024 16:42:35.834003 sonic INFO sshd[2342712]: Connection closed by 127.0.0.1 port 43622
Dec 10 2024 16:42:35.834267 sonic INFO sshd[2342712]: Transferred: sent 2072, received 1184 bytes
Dec 10 2024 16:42:35.834383 sonic INFO sshd[2342712]: Closing connection to 127.0.0.1 port 43622
Dec 10 2024 16:42:35.834592 sonic INFO sshd[2342684]: pam_unix(sshd:session): session closed for user usertest
Dec 10 2024 16:42:37.682477 sonic INFO [2342687]: pam_radius_auth: authentication failed
Dec 10 2024 16:42:37.684928 sonic NOTICE sshd[2342687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=usertest
Dec 10 2024 16:42:37.708500 sonic INFO [2342686]: pam_radius_auth: authentication failed
Dec 10 2024 16:42:37.710814 sonic NOTICE sshd[2342686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=usertest
Dec 10 2024 16:42:37.733235 sonic INFO [2342683]: pam_radius_auth: authentication failed
Dec 10 2024 16:42:37.735558 sonic NOTICE sshd[2342683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=usertest
Dec 10 2024 16:42:37.757846 sonic INFO [2342685]: pam_radius_auth: authentication failed
Dec 10 2024 16:42:37.760176 sonic NOTICE sshd[2342685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=usertest
Dec 10 2024 16:42:37.781020 sonic INFO [2342682]: pam_radius_auth: authentication failed
Dec 10 2024 16:42:37.783306 sonic NOTICE sshd[2342682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=usertest
Dec 10 2024 16:42:40.016871 sonic INFO sshd[2342687]: Failed password for invalid user usertest from 127.0.0.1 port 43654 ssh2
Dec 10 2024 16:42:40.044460 sonic INFO sshd[2342686]: Failed password for invalid user usertest from 127.0.0.1 port 43648 ssh2
Dec 10 2024 16:42:40.069311 sonic INFO sshd[2342683]: Failed password for invalid user usertest from 127.0.0.1 port 43610 ssh2
Dec 10 2024 16:42:40.093744 sonic INFO sshd[2342685]: Failed password for invalid user usertest from 127.0.0.1 port 43634 ssh2
Dec 10 2024 16:42:40.117046 sonic INFO sshd[2342682]: Failed password for invalid user usertest from 127.0.0.1 port 43608 ssh2
Dec 10 2024 16:42:42.418766 sonic INFO sshd[2342682]: Connection closed by invalid user usertest 127.0.0.1 port 43608 [preauth]
Dec 10 2024 16:42:42.421598 sonic INFO sshd[2342685]: Connection closed by invalid user usertest 127.0.0.1 port 43634 [preauth]
Dec 10 2024 16:42:42.422696 sonic INFO sshd[2342683]: Connection closed by invalid user usertest 127.0.0.1 port 43610 [preauth]
Dec 10 2024 16:42:42.423625 sonic INFO sshd[2342687]: Connection closed by invalid user usertest 127.0.0.1 port 43654 [preauth]
Dec 10 2024 16:42:42.425027 sonic INFO sshd[2342686]: Connection closed by invalid user usertest 127.0.0.1 port 43648 [preauth]
Describe the results you expected:
All processes have been successfully authenticated.
Additional information you deem important (e.g. issue happens only occasionally):
#14466
Tried to fix it with this method, but the problem still exists.
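Added example (not part of the original issue and not SONiC code): a small Python correlator run over an excerpt of the syslog lines quoted above. It lists the sshd PIDs that logged "Invalid user" before useradd reported the account as created and then failed the password check, which is the ordering visible in the log; the function names `correlate` and `raced_pids` are hypothetical.

```python
import re
from datetime import datetime

# Excerpt of the syslog lines quoted in the issue above (subset, unmodified).
SAMPLE = """\
Dec 10 2024 16:42:35.308546 sonic INFO sshd[2342685]: Invalid user usertest from 127.0.0.1 port 43634
Dec 10 2024 16:42:35.311287 sonic INFO sshd[2342682]: Invalid user usertest from 127.0.0.1 port 43608
Dec 10 2024 16:42:35.356452 sonic INFO useradd[2342694]: new user: name=usertest, UID=1012, GID=1012, home=/home/usertest, shell=/bin/bash, from=none
Dec 10 2024 16:42:35.560863 sonic INFO [2342684]: pam_radius_auth: user:usertest domain:ca hostname:125.13.16.126:1812
Dec 10 2024 16:42:35.747905 sonic INFO sshd[2342684]: Accepted password for usertest from 127.0.0.1 port 43622 ssh2
Dec 10 2024 16:42:40.093744 sonic INFO sshd[2342685]: Failed password for invalid user usertest from 127.0.0.1 port 43634 ssh2
Dec 10 2024 16:42:40.117046 sonic INFO sshd[2342682]: Failed password for invalid user usertest from 127.0.0.1 port 43608 ssh2
"""

# timestamp, host, severity, optional program name, pid, message
LINE = re.compile(r"^(\w{3} \d+ \d{4} [\d:.]+) \S+ \w+ (\w*)\[(\d+)\]: (.*)$")
TS_FMT = "%b %d %Y %H:%M:%S.%f"

def correlate(log_text, user):
    """Return (time useradd reported the account, per-sshd-pid events)."""
    created_at, pids = None, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), TS_FMT)
        prog, pid, msg = m.group(2), int(m.group(3)), m.group(4)
        if prog == "useradd" and msg.startswith(f"new user: name={user},"):
            created_at = ts
        elif prog == "sshd" and msg.startswith(f"Invalid user {user} "):
            pids.setdefault(pid, {})["invalid_at"] = ts
        elif prog == "sshd" and msg.startswith(f"Accepted password for {user} "):
            pids.setdefault(pid, {})["result"] = "accepted"
        elif prog == "sshd" and msg.startswith(f"Failed password for invalid user {user} "):
            pids.setdefault(pid, {})["result"] = "failed"
    return created_at, pids

def raced_pids(log_text, user):
    """sshd PIDs that logged 'Invalid user' before useradd finished, then failed."""
    created_at, pids = correlate(log_text, user)
    return sorted(p for p, e in pids.items()
                  if e.get("result") == "failed" and created_at
                  and e.get("invalid_at") and e["invalid_at"] < created_at)

if __name__ == "__main__":
    at, _ = correlate(SAMPLE, "usertest")
    print("account reported by useradd at", at.time())
    print("sshd pids that lost the race:", raced_pids(SAMPLE, "usertest"))
```

Run against the full syslog from a device, the same check separates failures that follow this ordering from rejections that have another cause, such as a wrong password.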