sudo: auth could not identify password for [user]

Discussions Regarding Software

Moderator: Moderators

sudo: auth could not identify password for [user]

Postby linuxfluesterer » Fri Feb 01, 2013 23:14

Hallo guys.
Since some days (actually from /var/log messages it started on 29/01/ after an upgrade with Rigo), I see, that there is some process writing permanently on my ssd. So, when I start to watch /var/log/messages as root with command:
Code: Select all
tail -f /var/log/messages

then I see the following:
Code: Select all
Feb  1 22:37:10 localhost sudo: pam_unix(sudo:auth): conversation failed
Feb  1 22:37:10 localhost sudo: pam_unix(sudo:auth): auth could not identify password for [linuxfluesterer]
Feb  1 22:37:11 localhost sudo: pam_unix(sudo:auth): conversation failed
Feb  1 22:37:10 localhost sudo: pam_unix(sudo:auth): auth could not identify password for [linuxfluesterer]
Feb  1 22:37:11 localhost sudo: pam_unix(sudo:auth): conversation failed
Feb  1 22:37:10 localhost sudo: pam_unix(sudo:auth): auth could not identify password for [linuxfluesterer]
Feb  1 22:37:11 localhost sudo: pam_unix(sudo:auth): conversation failed
Feb  1 22:37:10 localhost sudo: pam_unix(sudo:auth): auth could not identify password for [linuxfluesterer]
Feb  1 22:37:11 localhost sudo: pam_unix(sudo:auth): conversation failed
.
.
.

These messages are repeated about 3 times per second and written into my /var/log/messages file. In between there are thousand of the same messages.
But these messages appear only, when I am logged in into my GUI (KDE 4.9.5). When I leave the GUI session, these messages stop.

So, what can I do to find out is the origin for auth failure? (Which process works in my name as 'sudo')?
And how can I stop it?

As all I remember, I haven't installed a new program or plasmoid...
The only script I launch with a 'sudo', is an rsync script for my backups.

I'd really appreciate your help. Thank you in advance.

-Linuxfluesterer (I love KDE ...)

Core i5, 8GB Ram, 240 GB ssd, NVidia GT630M, with Kernel 3.7.4 and KDE 4.9.5.
I really hope, that by the Brexit (poor Britain), TTIP will be finally prevented. But don't get tired to talk to your local politician to open eyes for danger to democracy because of TTIP
User avatar
linuxfluesterer
Old Dear Hen
 
Posts: 704
Joined: Thu Sep 20, 2012 19:47
Location: Germany

Re: sudo: auth could not identify password for [user]

Postby linuxfluesterer » Sat Feb 02, 2013 14:31

Update: When adding the following line to /etc/sudoers as root with 'visudo'
Code: Select all
linuxfluesterer  ALL=NOPASSWD: ALL

then sudo doesn't ask me for any password (I know, dangerous!),
but in that moment the auth failure messages stop.
When I change this line to
Code: Select all
linuxfluesterer  ALL=ALL

then password is required for sudo and the auth failure messages appear again.

-Linuxfluesterer (I love KDE ...)
I really hope, that by the Brexit (poor Britain), TTIP will be finally prevented. But don't get tired to talk to your local politician to open eyes for danger to democracy because of TTIP
User avatar
linuxfluesterer
Old Dear Hen
 
Posts: 704
Joined: Thu Sep 20, 2012 19:47
Location: Germany

Re: sudo: auth could not identify password for [user]

Postby linuxfluesterer » Sun Feb 03, 2013 12:47

...
Update: Of course, in between, I was looking around for more information about the messages, I received.
So, one thing I did was, that I created a file named /etc/sudo.conf, which contains:
Code: Select all
Debug sudo /tmp/sudo_dbg.log [email protected],[email protected]

That leads into the effect, that there is a new debug (sudo) login file in /tmp with name sudo_dbg.log. It doesn't exist per default. And when you don't use the debug any more, then delete that file or outmark it with a '#'.
Ok after done this, I relogged in to KDE and the results of my logins (and those I am not conscious of) are written into that file. It's a lot because growing fast. I loose overview.
So, finally, I decided to do a radical cut. I restored my backup of the whole partition /dev/sda1 (my Root partition for SL X) and the problem doesn't appear anymore.
I haven't found the answer, why the sudo pam authentification failed, neither I could fix it.
But I got nervoes, and because my own data in home directory is up to date, I haven't lost much.
Anyway, it was good to learn how to restore.
In fact, sudo and sudoers is a hard topic. I really prefer the 'su' to the 'sudo' command. Since SuSE I did and I also always created a root password in Kubuntu then to have root access.

Thank you for reading this thread.

-Linuxfluesterer (I love KDE ...)
I really hope, that by the Brexit (poor Britain), TTIP will be finally prevented. But don't get tired to talk to your local politician to open eyes for danger to democracy because of TTIP
User avatar
linuxfluesterer
Old Dear Hen
 
Posts: 704
Joined: Thu Sep 20, 2012 19:47
Location: Germany

Re: sudo: auth could not identify password for [user]

Postby Fitzcarraldo » Sun Feb 03, 2013 18:07

linuxfluesterer wrote:Update: When adding the following line to /etc/sudoers as root with 'visudo'
Code: Select all
linuxfluesterer  ALL=NOPASSWD: ALL

then sudo doesn't ask me for any password (I know, dangerous!),
but in that moment the auth failure messages stop.
When I change this line to
Code: Select all
linuxfluesterer  ALL=ALL

then password is required for sudo and the auth failure messages appear again.

-Linuxfluesterer (I love KDE ...)

Use the following instead:

Code: Select all
linuxfluesterer ALL=(ALL) NOPASSWD: ALL

Very insecure, mind you.

Or, if you want to force the entry of a user password:

Code: Select all
linuxfluesterer ALL=(ALL) ALL
User avatar
Fitzcarraldo
Sagely Hen
 
Posts: 7981
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: sudo: auth could not identify password for [user]

Postby linuxfluesterer » Sun Feb 03, 2013 19:14

Fitzcarraldo wrote:
linuxfluesterer wrote:Update: When adding the following line to /etc/sudoers as root with 'visudo'
Code: Select all
1.linuxfluesterer  ALL=NOPASSWD: ALL


Use the following instead:

Code: Select all
linuxfluesterer ALL=(ALL) NOPASSWD: ALL

Very insecure, mind you.

Pls, what is the difference to 1.?
I know, that this is insecure, so, for that reason, I don't want to change the original rules in /etc/sudoers.

Fitzcarraldo wrote:Or, if you want to force the entry of a user password:


Code: Select all
linuxfluesterer ALL=(ALL) ALL

With that entry, sudo produces an auth failure message "Could not identify password for ..." , which I can't find, why.
Finally, I want to use the pure Sabayon /etc/sudoers with the only activated lines:
Code: Select all
# User privilege specification
root    ALL=(ALL) ALL
..
#Added by Sabayon Installer
%wheel  ALL=ALL

I assume, that I have installed a plasmoid or superkaramba widget in last days (I forgot, which one).
And to prevent insecurity of lacking password or permanently writing auth failure messages, when pw is forced,
I have restored a SL X partition backup from 27/01/2013.
Now, I'm content, though I don't know how to correct the auth failure message.

Thank you anyway for your support, Fitzcarraldo.

-Linuxfluesterer (I love KDE ...)
I really hope, that by the Brexit (poor Britain), TTIP will be finally prevented. But don't get tired to talk to your local politician to open eyes for danger to democracy because of TTIP
User avatar
linuxfluesterer
Old Dear Hen
 
Posts: 704
Joined: Thu Sep 20, 2012 19:47
Location: Germany


Return to Software in General

Who is online

Users browsing this forum: No registered users and 1 guest

cron