tech.safesquid.com

SafeSquid SWG Community Support
http://tech.safesquid.com/forum/

PAM-Mysql Authentication in Safesquid

http://tech.safesquid.com/forum/viewtopic.php?f=34&t=1985

Page 1 of 1

PAM-Mysql Authentication in Safesquid

Posted: Fri Nov 19, 2021 9:29 pm
by SiddharthDubey55
Scenario : - MYSQL PAM Authentication in SAFESQUID.

PROBLEM : -
(/VAR/AUTH.LOGS)
Nov 20 02:17:47 swg safesquid: pam_unix(safesquid:auth): check pass; user unknown
Nov 20 02:17:47 swg safesquid: pam_unix(safesquid:auth): authentication failure; logname=root uid=999 euid=999 tty= ruser= rhost=
Screenshot (80).png
Screenshot (80).png (258.49 KiB) Viewed 3260 times

STEPS I HAVE FOLLOWED :


1. CREATED ONE TEST USER IN MYSQL DATABASE SAFESQUID WITH COLUMN LOGIN_NAME AND PASSWORD IN USER TABLE ;

Screenshot (78).png
Screenshot (78).png (88.78 KiB) Viewed 3260 times


2. MADE CONFIG FILE IN /etc/pam_mysql.conf file

Screenshot (77).png
Screenshot (77).png (70 KiB) Viewed 3260 times

3. Added pam_mysql.so in /etc/pam.d/safesquid file

Screenshot (81).png
Screenshot (81).png (121.85 KiB) Viewed 3243 times
I have also changed the owner of pam_mysql.conf owner ssquid;


Last Step Created Access Restriction Rule on safesquid.cfg

Configure --> Application setup --> Access Restriction

IP address = 192.168.163.164
Pam Authentication = TRUE
username = test (this user is in SAFESQUID Database user table)

Screenshot (83).png
Screenshot (83).png (175.92 KiB) Viewed 3210 times
Please guide me what mistake i have doing.

Re: PAM-Mysql Authentication in Safesquid

Posted: Mon Nov 22, 2021 7:51 pm
by SiddharthDubey55
this Error I am getting in auth.log



Nov 23 01:10:02 swg safesquid: message repeated 7 times: [ pam_mysql - MySQL error (Access denied for user 'root'@'localhost' (using password: YES))]
Nov 23 01:12:50 swg safesquid: pam_mysql - MySQL error (Access denied for user 'root'@'localhost' (using password: YES))
Nov 23 01:13:00 swg safesquid: message repeated 8 times: [ pam_mysql - MySQL error (Access denied for user 'root'@'localhost' (using password: YES))]
Screenshot (82).png
Screenshot (82).png (238.38 KiB) Viewed 3242 times

Re: PAM-Mysql Authentication in Safesquid

Posted: Mon Dec 06, 2021 9:31 am
by clarity
Looks like the database on MySQL needs to be given proper permissions.
Did you validate the credemtials for user@localhost?

Recommend use of pamtester for validating PAM related setup.
http://pamtester.sourceforge.net/

Re: PAM-Mysql Authentication in Safesquid

Posted: Mon Dec 06, 2021 11:37 am
by SiddharthDubey55
Hello Sir ,
I have tried with default user table of mysql

I am able to log in mysql by using those user and password in my local system

I will show share screen shot with you

Re: PAM-Mysql Authentication in Safesquid

Posted: Tue Dec 07, 2021 5:20 pm
by SiddharthDubey55
User table (DB - mysql)

Screenshot (92).png
Screenshot (92).png (104.19 KiB) Viewed 3177 times

/etc/pam-mysql.conf



Screenshot (95).png
Screenshot (95).png (119.59 KiB) Viewed 3176 times

/etc/pam.d/safesquid
Screenshot (94).png
Screenshot (94).png (95.04 KiB) Viewed 3175 times

Re: PAM-Mysql Authentication in Safesquid

Posted: Tue Dec 07, 2021 5:26 pm
by SiddharthDubey55
Below you can see i am able to Login in MYSQLClient by using this USER


Screenshot (96).png
Screenshot (96).png (194.18 KiB) Viewed 3174 times



Screenshot (93).png
Screenshot (93).png (253.92 KiB) Viewed 3174 times

Re: PAM-Mysql Authentication in Safesquid

Posted: Thu Dec 09, 2021 8:12 am
by clarity
What do you see in the MySQL logs for the authentication failure error events?
What is the result of pamtester?

Re: PAM-Mysql Authentication in Safesquid

Posted: Fri Dec 10, 2021 8:47 pm
by SiddharthDubey55
Hello Sir,

Problem Solved

set user.password_crypt=0 ( /etc/pam-mysql.conf )

Thanks for the help
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/