PAM Error messages on Server - UNIX for Advanced & Expert Users

bsandeep_80 · #1 (**permalink**) 12-09-2008

Hi,

I have CVSNT installed on my Linux machine and sometimes the server goes down with the following error in /var/log/messages. Does anyone know the approach that need to followed to investigate to resolve the same. If so , please let me know.

Nov 23 05:57:43 <server ip> cvsnt(pam_unix)[6631]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:01:04 <server ip> cvsnt(pam_unix)[6652]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:01:39 <server ip> cvsnt(pam_unix)[6654]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:01:56 <server ip> cvsnt(pam_unix)[6656]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:02:06 <server ip> cvsnt(pam_unix)[6658]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:03:09 <server ip> cvsnt(pam_unix)[6660]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d
Nov 23 06:03:19 <server ip> cvsnt(pam_unix)[6663]: authentication failure; log name= uid=0 euid=0 tty= ruser= rhost= user=d

Thanks,
Sandy

otheus · #2 (**permalink**) 12-15-2008

A google of CVSNT indicates this is a version of CVS for NT. How is this related to PAM, I don't understand. What is CVSNT and why is it using PAM?

Post the contents of /etc/pam.d/cvsnt (or whatever).

bsandeep_80 · #3 (**permalink**) 12-16-2008

cat /etc/pam.d/cvsnt
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth

otheus · #4 (**permalink**) 12-16-2008

That looks normal.

But I still don't know what cvsnt is or why it needs authentication.

So if CVSNT has a port open to the world, it could be someone or something is connecting to that port, then hanging up. Or perhaps there's an application program that is invoked, but the program is interrupted and no user-info supplied.

What is CVSNT for?

bsandeep_80 · #5 (**permalink**) 12-16-2008

CVSNT is the concurrent versioning system that we are using using on this server.

otheus · #6 (**permalink**) 12-16-2008

So here's what you need to do:

Identify which ports CVSNT has open to the world[/b]
Use IPTABLES or /etc/hosts.deny to make sure those ports are only open to those IPs that need this versioning system[/b]
Make sure your system's users all have strong passwords (look for JTR - john the ripper)[/b]

If all that's okay, then this is probably nothing to worry about.

bsandeep_80 · #7 (**permalink**) 12-16-2008

Can you please guide me to accomplish this...i am really new to this. I would really appreciate your help

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
WHat do these error messages mean	mojoman	UNIX for Dummies Questions & Answers	2	11-07-2008 09:34 AM
error messages	murad.jaber	SUN Solaris	0	10-11-2007 02:02 AM
error messages in /var/adm/messages	nitinp82	UNIX for Advanced & Expert Users	1	04-17-2007 10:17 AM
Error Messages	akrathi	UNIX for Dummies Questions & Answers	1	10-26-2005 12:01 PM
error in /var/adm/messages	julie	UNIX for Dummies Questions & Answers	2	08-08-2001 04:10 PM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: