Re: pam_console[3660]: getpwnam failed for <username>

From: Bobby D. Bryant (bdbryant_at_mail.utexas.edu)
Date: 05/13/03 

Date: Mon, 12 May 2003 23:45:38 -0600

On Mon, 12 May 2003 22:18:23 -0600, Bobby D. Bryant wrote:

> I just finished setting up a cluster-of-workstations using Red Hat 9 on
> new hardware, and I'm seeing a funny phenomenon.
>
> If I ssh in to the root account I can connect very reliably, but if I
> ssh in to my personal account I get *occasional* rejects with -
>
> "Connection to <hostname> closed by remote host"
>
> What's odd is that the problem moves around on the scale of ~30 minutes.
> That is, if I try to connect to each machine in turn I'll succeed with
> most but get the rejection on 1 to 3 of them (of 8 total), and if I
> immediately try again I get the error on the same ones, but if I take a
> break and then try again later I'll get the errors on *different* nodes.
>
> The problem never seems to afflict the NIS master server or slave
> servers, though perhaps I haven't been watching it long enough for that
> to be significant. (I *think* there's also one non-server that has
> never rejected me, so maybe this observation is a red herring.)
>
> After it happens I see these messages in -
>
>
> /var/log/messages -
>
> May 12 21:37:52 <hostname> automount[3247]: attempting to mount entry
> /mnt/<otherhostname>-home
>
> May 12 21:37:52 <hostname> sshd(pam_unix)[3644]: session opened for user
> <username> by (uid=500)
>
> May 12 21:38:56 <hostname> automount[3648]: expired
> /mnt/<otherhostname>-home
>
>
> /var/log/secure -
>
> May 12 21:37:52 <hostname> sshd[3640]: Accepted publickey for <username>
> from <remotehostname> port 49319 ssh2
>
> May 12 21:37:52 <hostname> pam_console[3644]: getpwnam failed for
> <username>
>
> May 12 21:37:52 <hostname> sshd[3644]: fatal: PAM session setup
> failed[14]: Cannot make/remove an entry for the specified session
>
>
> I'm pretty sure the problem isn't automount, because I never have
> trouble hitting the same mounts as root, e.g. -
>
> > ssh -C root@<hostname> ls -la /mnt/<otherhostname>-home
>
> never fails on me.
>
> And I'm pretty sure the problem isn't my NIS configuration, because it
> comes and goes without any changes to any of the systems.

OK, maybe it *is* something to do with NIS: it occurred to me to look at
the logs on the machine serving up the directory, and I see this:

May 12 21:38:16 <otherhostname> rpc.mountd: authenticated mount request
from <hostname>:800 for /home (/home)

May 12 21:38:17 <otherhostname> ypserv[3362]: refused connect from
<host-ip-address>:32775 to procedure ypproc_match

The machines' times aren't quite synchronized yet, but I believe that this
is the same event as what was quoted above. There is no matching event in
/var/log/secure on the machine serving up the file. There are no other
messages explaining why the connection was refused. 

-- 
Bobby Bryant
Austin, Texas
Quantcast