When INFO level logging is enabled, in some scenarios when RADIUS/TACACS is used in combination with local login, pam_unix(sshd:auth): check pass; user unknown
messages are seen in system logs
When INFO level logging is enabled, in some scenarios when RADIUS/TACACS is used in combination with local login, pam_unix(sshd:auth): check pass; user unknown
messages are seen in system logs
This is normal and expected behaviour on all RiOS releases. By default, SSH allows empty passwords for user logins. This means that every single user on SSH login is matched against local database with empty password. If user is found but password is set, system log will report authentication failure
and user will be prompted for password. If user is not found localy because it exists in RADIUS or TACACS database, system log will report pam_unix(sshd:auth): check pass; user unknown
and user will be again prompted for password and later checked against RADIUS/TACACS database.
All RiOS releases